OSVDB Blog :

Everything Is Vulnerable

[0x1] iDefense VCP as seen through OSVDB

[0x2] February Update: OSVDB Winter 2010 Fundraising Goal

[0x3] Time to.. Track More Data

[0x4] Open Security Foundation - Advisory Board - Call for Nominations

[0x5] Open Security Foundation - State of the Union 2010

[0x6] January Update: OSVDB Winter 2010 Fundraising Goal

[0x7] Microsoft, Aurora and something about forest and trees?

[0x8] Challenge: OSVDB Winter 2010 Fundraising Goal

[0x9] Adobe, Qualys, CVE and Math

[0xA] OSVDB 2009 Q4 Changelog

Linux Exposed

The Linux Security and hacking Resource

[0x1] Hosted Exchange and Hosted Sharepoint

[0x2] Inspecting HTTP

[0x3] Windows Hacking and Windows Security Site

[0x4] Cracking WPA and WPA2 passwords

[0x5] Ilegal SEO techniques

[0x6] Torrents and SSH Tunnels

[0x7] Preventing Accidental Denial of Service

[0x8] Enhance Security with Port Knocking

[0x9] Analyzing Malicious SSH Login Attempts

[0xA] Formatstrings and OpenBSD

pSeries Tech Talk Forums - AIX for POWER Systems

Discuss AIX for POWER Systems. Support for AIX commands, backup and restore and AIX shell scripts.

[0x1] AIX v6.1 AIXpert IP filtering

[0x2] AIX v5.3 stop qdaemon send out mesg to users

[0x3] RSS Feed IBM PowerVM Workload Partitions Manager for AIX, Version 2.1

[0x4] AIX v5.3 AIX 5.3 an Progress DB

[0x5] AIX v5.3 IBM Hardware Feature Code

[0x6] RSS Feed Debugging C++ applications using ProbeVue

[0x7] AIX v5.3 Network and hostname configuration....the right way

[0x8] AIX v5.3 Large Filesystem

[0x9] AIX v5.3 AIX 5.3 Virtual CPU

[0xA] AIX v5.3 Does anyone know these errors?

Boycott Novell

Exploring the reality behind exclusionary deals with Microsoft and their subtle (yet severe) implications

[0x1] Videos: Peter Landrock on His Software Patent and DeGucht Defending ACTA

[0x2] Bill Gates and Steve Jobs Extortionists With Software Patents

[0x3] Microsoft and Insecurity: Vulnerabilities, Botnets, and a Whole Lot of Nerve

[0x4] Patents Roundup: Lawyer Takeover, Failed Reform, and Policy Laundering With ACTA

[0x5] Response to Red Hat FUD from Canonical’s COO Matt Asay

[0x6] Ubuntu One Adds Mono Bindings

[0x7] IRC: #boycottnovell @ FreeNode: March 9th, 2010

[0x8] IDG Gives a Platform for Microsoft’s Familiar Attack Dogs (and Former Employees) to Smear GNU/Linux

[0x9] Milton Public Library and Other Regional Libraries Deploy GNU/Linux

[0xA] Links 9/3/2010: Yellow Dog Linux for CUDA, OpenArena 0.8.5

The Hacker's Choice - Freeworld News

News around The Hacker's Choice including releases, papers, exploits and other activities

[0x1] Found vmap FINAL during cleanup!

[0x2] THC is hosting a #bluebox party at har2009.

[0x3] THC is proud to release a video and a tool to backup data...

[0x4] BLOG: The risk of ePassports and RFID

[0x5] BLOG: Story from the past of how to scan the internet

[0x6] THC is proud of hosting BlueMaho, a Bluetooth Security Te...

[0x7] From now on THC is sharing their thoughts with you!

[0x8] THC is proud to announce the SIM Toolkit Research Project.

[0x9] THC is proud to announce that the GSM Software Project an...

[0xA] Dear visitors, dear fans and supporters of THC.

dropsafe

network security, free software, cycles, food, drink, life...

[0x1] Twitter Updates for 2010-03-10

[0x2] Twitter Updates for 2010-03-09

[0x3] Twitter Updates for 2010-03-07

[0x4] Twitter Updates for 2010-03-05

[0x5] Twitter Updates for 2010-03-04

[0x6] Brompton Carradice CarraDry Waterproof Bag Review

[0x7] Twitter Updates for 2010-03-03

[0x8] Twitter Updates for 2010-03-02

[0x9] Addressing The Outmoded Swapping And Paging Strategy in OSX?

[0xA] Twitter Updates for 2010-03-01

US-CERT Cyber Security Bulletins

US-CERT Cyber Security Bulletins provide bi-weekly summaries of security issues and new vulnerabilities. They also provide patches, workarounds, and other actions to help mitigate risk.

[0x1] SB10-067: Vulnerability Summary for the Week of March 1, 2010

[0x2] SB10-060: Vulnerability Summary for the Week of February 22, 2010

[0x3] SB10-053: Vulnerability Summary for the Week of February 15, 2010

[0x4] SB10-046: Vulnerability Summary for the Week of February 8, 2010

[0x5] SB10-040: Vulnerability Summary for the Week of February 1, 2010

[0x6] SB10-018: Vulnerability Summary for the Week of January 11, 2010

[0x7] SB10-011: Vulnerability Summary for the Week of January 4, 2010

[0x8] SB10-004: Vulnerability Summary for the Week of December 28, 2009

[0x9] SB09-362: Vulnerability Summary for the Week of December 21, 2009

[0xA] SB09-355: Vulnerability Summary for the Week of December 14, 2009

Network World on Security

The latest security news, analysis, reviews and feature articles from NetworkWorld.com.

[0x1] Practical priorities in PCI DSS logging

[0x2] Indian banker charged with online funds fraud

[0x3] Twitter to begin screening some links for phishing

[0x4] Phishers widen their net to target new businesses

[0x5] Office updates patch Excel security flaw

[0x6] Panda discovers malware on HTC Magic phone

[0x7] European Parliament debates anti-ACTA petition

[0x8] Survey: Pay rise for half of Asia Pacific security pros

[0x9] Kaspersky invents security suite for 'expert' user

[0xA] Travelers file complaints over TSA body scanners

CERIAS Combined Feed

News and Blog posts from CERIAS. This feed does not include our events calendar (http://www.cerias.purdue.edu/feeds/events)

[0x1] Making the CWE Top 25, 2010 Edition

[0x2] Cowed Through DNS

[0x3] Blast from the Past

[0x4] Is it ‘High Noon’ for Google, China?

[0x5] Scammers target givers after Haiti earthquake

[0x6] Drone “Flaw” Known Since 1990s Was a Vulnerability

[0x7] An old canard reappears (sort of)

[0x8] Talking to the Police All the Time

[0x9] CERIAS partners with industry, academic leaders to address nation’s cybersecurity threats

[0xA] “Verified by VISA”: Still Using SSNs Online, Dropped by PEFCU

CSOONLINE.com - Audit

[0x1] RSA 2010: Why 41 Percent of You Would Fail a PCI Audit

[0x2] Five Security Missteps Made in the Name of Compliance

[0x3] Report: Layer 7 Increasingly Under DDoS Gun

[0x4] Internal Investigations: The Basics

[0x5] The Great PCI Security Debate of 2010: Transcribed

[0x6] PCI DSS, Come Forward and Be Judged

[0x7] Compliance as Security: The Root of Insanity

[0x8] The Mass. 201 CMR 17 Survival Guide

[0x9] The Patch Tuesday Survival Guide

[0xA] Why Pen Testing Is Central to Pennsylvania's App Security

Security Weekly by Computerworld

Security Weekly by Computerworld

[0x1] Microsoft warns of new IE bug; attacks under way

[0x2] Kaspersky invents security suite for 'expert' user

[0x3] Online security questions are too easy to answer

[0x4] Second generation quantum cryptography in developement

[0x5] NexBis defends investment strategy

[0x6] US lifts Iran, Sudan, Cuba Internet services export ban

[0x7] Satyam still risky a year after fraud revealed: Forrester

[0x8] IBM looks to pair security technologies for software development

[0x9] Thailand approves credit card hacker's extradition to US

[0xA] Energizer Bunny's software infects PCs

TippingPoint DVLabs Threat Protection Updates

Monthly threat protection updates from TippingPoint DVLabs. For more information, visit dvlabs.tippingpoint.com

[0x1] TippingPoint DVLabs Threat Protection Update - November 2009

[0x2] TippingPoint DVLabs Threat Protection Update - July 2009

[0x3] TippingPoint DVLabs Threat Protection Update - June 2009

[0x4] TippingPoint DVLabs Threat Protection Update - May 2009

[0x5] TippingPoint DVLabs Threat Protection Update - April 2009

[0x6] TippingPoint DVLabs Threat Protection Update - March 2009

[0x7] TippingPoint DVLabs Threat Protection Update - February 2009

[0x8] TippingPoint DVLabs Threat Protection Update - January 2009

[0x9] TippingPoint DVLabs Threat Protection Update - December 2008

[0xA] TippingPoint DVLabs Threat Protection Update - October 2008

ITWeb Computing

Latest ICT Computing news

[0x1] Cloud computing brings risks

[0x2] Google makes concessions to Europe

[0x3] Stratus introduces ftServer line

[0x4] Toshiba unveils green hard drive

[0x5] The Beatles enter the digital age

[0x6] Mobile devices get virtualisation app

[0x7] Starship releases NAS solution

[0x8] European server sales hit rock bottom

[0x9] Gaming tech reaches operating room

[0xA] Power policies not enough

IT.com.mk

IT.com.mk - RSS Feed

[0x1] ИТ.мк: Корисниците гневни на МАРНет

[0x2] Да немаше интернет би...

[0x3] Копирај и пастирај интересни знаци

[0x4] Интернет воајерство со ChatRoulette

[0x5] TED: Сакаме отворени сурови информации!

[0x6] Јас, медиум

[0x7] ИТ.мк: Спојување на два ИТ факултета?

[0x8] 79% веруваат дека интернет е основно човеково право

[0x9] Неделен преглед 06.03.10: Преводи, ИК Банка, спам, Mafia.мк...

[0xA] Како А1 е исмејувана поради лажен Twitter профил

Security Watch

Security Watch is a resource center for everything related to tech security: the latest news, review summaries and advice on security-related topics. We show you how you can protect your online identity and keep your computer safe.

[0x1] LimeWire Adds AVG Malware Scanning To Pro Service

[0x2] PayPal Recommends Iconix Email Authentication System

[0x3] Government Bombarded With Cyber Attacks

[0x4] Vodafone Distributes Malware on HTC Magic Mobile

[0x5] IE Zero Day Attacks Expose IE6, IE7 Users

[0x6] Patch Day Light Yields 2 Updates From Microsoft

[0x7] FTC Warns Companies of Breached Data on P2P Nets

[0x8] Trojan Found in USB Battery Charger Software

[0x9] Beware Fake Census Sites

[0xA] New Law If You Have Customers in Massachusetts

IT Management & Trends White Papers

CIO, Emerging Technologies, and Project Management White Papers

[0x1] Insiders' Guide to Evaluating Remote Control Software

[0x2] Best-Practice Automation of Invoice Delivery from SAP(R) Solutions - Keeping Customers Satisfied While Making the Move

[0x3] The Learning Organization Goes Digital

[0x4] 10 Tips - IT Training Support

[0x5] How to Make Your IT Staff Smarter

[0x6] Improving Application Development with Digital Libraries

[0x7] Working Green with Digital Libraries - How it Can Help

[0x8] Minimizing Technology Project Delays with Digital Libraries

[0x9] How VMware Virtualization Right-sizes IT Infrastructure to Reduce Power Consumption

[0xA] Reduce Energy Costs and Go Green with VMware Virtualization

BugSpy.net - Latest Reports

[0x1] Eraser (stopper severity): Failure to empty recycle bin (version 6.0.6.1376)

[0x2] Grails and Grails-Plugins (stopper severity): Dynamic Finders: find(All)By* (core feature of GORM) is not working on GORM-JPA plugin-0.7

[0x3] MLE - Mobile Learning Engine (stopper severity): Mobile tags reading

[0x4] ZooKeeper (stopper severity): NPE in the hudson logs, seems nioservercnxn closed twice

[0x5] WebGUI (stopper severity): blank page after setting posts per page in Collaboration System to 0 (zero)

[0x6] Struts2 (stopper severity): NPE in the hudson logs, seems nioservercnxn closed twice

[0x7] ActiveMQ (stopper severity): Deadlock during FailoverTransport interruption

[0x8] Drupal (critical severity): tabledrag: menu children take top of left region or not at all in IE (ver 7.x-dev, block.module)

[0x9] Drupal (critical severity): “Seven” breaks keyboard navigation (ver 7.x-dev, Seven theme)

[0xA] Drupal (critical severity): Block visibility settings cannot be properly extended (ver 7.x-dev, block.module)

Delicious/kungfuhacker

bookmarks posted by kungfuhacker

[0x1] 18293: Belkin 54G Routers Admin Account Default Null Password

[0x2] Cigarbid.com Auctions

[0x3] Habanos & Hermanos - Cigar Viewer

[0x4] Tenable Network Security: Podcast

[0x5] YouTube - tenablesecurity's Channel

[0x6] YouTube - tang lang chuan - tao de la mante religieuse

[0x7] YouTube - Tang Lang Quan Complete Program Part 1

[0x8] YouTube - Shaolin Long Fist Kung Fu Intermediate Sequences with Applications DVD preview

[0x9] YouTube - Xiaohuyan

[0xA] YouTube - Xiao Hu Yan / So Ho Yun / 小 虎 燕

Free Information Technology Magazines and Downloads from bestsecuritytips.tradepub.com

Free publications about information technology and digital communication.

[0x1] A Greener Planet Starts with Smarter IT

[0x2] A Newbie's Getting Started Guide to Linux

[0x3] Defense Technology International

[0x4] Climate Change: Challenges and Opportunities for Business

[0x5] Creating Superior Customer Value with Operational Intelligence

[0x6] Improving Revenue Recognition to Enhance Performance

[0x7] Mobility in Manufacturing: Achieve a New Level of Lean and a New Level of Profitability

[0x8] The Importance of a Print Management Strategy And Why it Matters

[0x9] Business Intelligence: The Definitive Guide for Midsize Organizations

[0xA] The Alignment-Focused Organization: Bridging the Gap Between Strategy and Execution

Daniel's Blog

Information security, scuba diving and some other things I am interested in...

[0x1] That “flip” thing

[0x2] MBAs and GMAT

[0x3] Where should you buy it? Try Mustafa*!

[0x4] Bondi got flipped!

[0x5] Are you aware of the new business models which are now available on the web?

[0x6] Hello Merlion!

[0x7] Movember video!

[0x8] Do you also hate telemarketers?

[0x9] Fraud Numbers in Australia. Are we secure?

[0xA] SaaS (Software as Service) Risks

/dev/one

Security related tools, Network protocols, Operating Systems, SIMS, NIDS... target: Security

[0x1] Improved version of pcap2rawc

[0x2] Rule2Alert

[0x3] I must feel lucky...

[0x4] Ante la inclusión en el Anteproyecto de Ley de Economía Sostenible

[0x5] Profiling with shark on Mac OS X - Snow Leopard

[0x6] pcap2rawc.py

[0x7] Snort ( 2.8.* < 2.8.5stable) Unified1 output bug

[0x8] another birthday present

[0x9] NetMirror

[0xA] pcap to scapy

Splunk Blogs

[0x1] Universally Indexing Business Data

[0x2] Our First Splunk Live! in Munich, Germany

[0x3] Real Life in the Digital World of Warcraft

[0x4] Pollution is Bad

[0x5] Splunk on the road with Accenture, Swisscom, Cox, Atlanta Journal Constitution, Voxeo and Coleman Technologies

[0x6] Guess What Time It Is

[0x7] SCALE in Review

[0x8] Free as in Beer, Free Beer and a Discount Code for RSA

[0x9] Splunk at SCALE 8x in LA This Weekend

[0xA] Breaking Up is Hard to Do

Cryptography Blog

Cryptography Blog

[0x1] DNA cryptography?

[0x2] Self-Encrypting Hard Drives

[0x3] Diebold Audit Logs

[0x4] Black Hat DC 2009 and Research

[0x5] Data Theft and Loss - It's Inevitable So Just Be Prepared

[0x6] Electronical Health Records - Law and Technology

[0x7] SSL is not broken; MD5 is and has been for a long time

[0x8] A Basic Tip Regarding Wireless Security

[0x9] The Big Business of Computer Crime

[0xA] The Transparent Society Begins

Essential Computer Security

Computer Security In Plain English For Normal People

[0x1] How to Avoid Rogue Security Software

[0x2] What’s a Rogue – And Why Do You Need to Know?

[0x3] Top 10 Ways Computer Security Will Improve in 2010 (Not!)

[0x4] The Year in Malware–A 2009 Review

[0x5] Taking Steps to Protect the Network on Cyber Monday

[0x6] November 2009

[0x7] White Paper: Panda Cloud Protection

[0x8] Facebook and Twitter Phishing Attacks

[0x9] Become a Fan, Win a 1Tb ioSafe Drive

[0xA] Record-Setting Patch Tuesday from Microsoft and Adobe

Techworld.com Networking

Latest IT articles from Techworld's Networking channel

[0x1] Cisco shows off Internet super-router

[0x2] Asus Home Server TS mini review

[0x3] Microsoft shuffles web browsers on ballot screen

[0x4] US lifts Internet sanctions on Iran, Sudan, Cuba

[0x5] Internet Explorer 6 buried in funeral

[0x6] Ex-Novell CTO becomes W3C chief

[0x7] TalkTalk upgrades broadband up to 24Mbps

[0x8] IBM connects chips with light

[0x9] US may use WTO to resolve Google-China dispute

[0xA] Hedge fund has Novell in its sights

InformationWeek Analytics Weblog

Here you'll find observations, anecdotes, and analysis from our experienced staff of reporters and editors, with links to stories, surveys and other content that appear on InformationWeek.com, TechWeb.com, and many other points on the Web. We welcome discussion, and invite you to share your opinions and thoughts. Please participate with us!

[0x1] The Best Deal On IT Research -- Period

[0x2] What's Your Outsourcing Vision?

[0x3] Smoke And Mirrors Pricing Stifles PPM Tool Adoption

[0x4] Misguided Security Leads To Insecurity

[0x5] Cybercrime As An Economic Threat

[0x6] I Want You For My Server Survey

[0x7] Barracuda Networks Enters the Enterprise Firewall Market

[0x8] Linux's Hypervisor Complex

[0x9] InformationWeek's RSS Feed is brought to you by

[0xA] Your Dad's SLAs And The Cloud

CSOONLINE.com - Global

[0x1] Corporate Espionage: Tomorrow Arrived Yesterday

[0x2] Friday Quiz: Google Versus Everybody

[0x3] Managing Security Overseas: Contact and Coordination with Local, Regional, and International Authorities

[0x4] Counterfeit Money: Still Going Strong

[0x5] The Pirate of Prague, Foreign Corrupt Practices, and You

[0x6] Chinese Teen Beaten to Death at Internet Addict Camp

[0x7] China's Web Porn Arrests Include Tech-Savvy Site Owners

[0x8] Can Pirates be Stopped?

[0x9] China Denies U.S. Power Grid Attack

[0xA] Piracy Law Cuts Swedish Net Traffic By Half

Deb-Tech

[0x1] Cloudy days ahead: Why Microsoft should find a new name for its online services

[0x2] Has social networking killed the email discussion list?

[0x3] MVPs and Brand Loyalty

[0x4] Beware of fake Firefox updates

[0x5] The new laptop: I went with my heart, not with my head

[0x6] iPad? iDon’tThinkSo

[0x7] Ebook readers in violation of the ADA?

[0x8] Here’s why I ignored your Facebook friend request

[0x9] Will Apple bring the Tablet back to Life?

[0xA] Omnia II, Part II

Black Hat Forum Black Hat SEO

BlackHatWorld is a backhat SEO Forum dedicated to learning black hat seo, cloaking, doorway pages, blogging, automatic content generators and more. Master the ART of "BlackHat"!

[0x1] Google Analytics for Facebook Fan Pages

[0x2] Google AdSense Generator LOL

[0x3] crawl Google Profile pages and extract their information as structured data

[0x4] autoresponder for cl

[0x5] How to check whether a site has been banned by askimet?

[0x6] PVA Script... I have one, maybe JV?

[0x7] can anyone help me with my easypsp

[0x8] Anyone can help me with FBML?

[0x9] Squidoo Autoposter

[0xA] Can you point me to a rewriting assistant software?

Slashdot

News for nerds, stuff that matters

[0x1] EU Parliament Rejects ACTA In a 663 To 13 Vote

[0x2] Study Shows TV Makes Kids Fat, Computers Don't

[0x3] Ex-Sun Chief Dishes Dirt On Gates, Jobs

[0x4] Professors Banning Laptops In the Lecture Hall

[0x5] Rock Band 3 Officially Announced For Holiday 2010

[0x6] Linux Takes Over E-Voting In Australian State

[0x7] Puzzle In xkcd Book Finally Cracked

[0x8] The Value of BASIC As a First Programming Language

[0x9] US Considers Some Free Wireless Broadband Service

[0xA] US Gamers Spend $3.8 Billion On MMOs Yearly

HacDC

HacDC's mission is to improve the world by creatively rethinking technology.

[0x1] AVR Programming Class

[0x2] Army Launches "Apps for the Army" Development Challenge (Todd Fine)

[0x3] Kit Build - Junior Theremin

[0x4] Hardware Hacking Course

[0x5] Wireside Chat and Artificial Intelligence

[0x6] Kit Build - LED Heart

[0x7] HacDC Lightning Talks

[0x8] Hacker's Lounge CANCELED

[0x9] Hacker's Lounge this Friday (2/5)! [CANCELED]

[0xA] DorkbotDC Meeting!

Jeremy's Computer Security Blog

-------------> vulnerability research and development <--------------

[0x1] Adobe Flash Temporary Filename Scheme

[0x2] Reverse Engineering File Formats

[0x3] Browser Fuzzer 3

[0x4] Writing Code that Breaks Code

[0x5] Mozilla Code *sighs*

[0x6] From Static Analysis to 0day Exploit

[0x7] Some vendors are 'unconcerned'

[0x8] Firefox Local Download Manager Vulnerability

[0x9] Desktop Management Interface (DMI)

[0xA] Vamos Updates!

OStatic blogs

[0x1] A Bright Future for Drizzle

[0x2] Wear Your Linux Pride on Your Sleeve, Linux.com Launches New Store

[0x3] Electronic Frontier Foundation Examines, Stomps On iPhone Developer Agreement

[0x4] 5 Open Source Resources For Boosting Your Productivity

[0x5] Filling the Gap: Open Clip Art Library Provides More than 26,000 Images

[0x6] Tinymail 1.0 Released

[0x7] reMail E-mail Search Tool Is Going Open Source

[0x8] Why Canonical Should Imitate Apple's Early Playbook

[0x9] OStatic Buffer Overflow...

[0xA] Towards a Beautiful WordPress Future: Automattic Hires Theme Wizard Ian Stewart

Published Security Alerts

Published Security Alerts

[0x1] SQL Injection in SYS.KUPV$FT in Oracle 10g. Rel. 1

[0x2] SQL Injection in SYS.KUPV$FT_INT in Oracle 10g. Rel. 1

[0x3] Event 10053 logs TDE wallet password in cleartext

[0x4] Transparent Data Encryption stores key unencrypted in the SGA

[0x5] Cross-Site-Scripting in Oracle Workflow wf_route

[0x6] Cross-Site-Scripting in Oracle Workflow wf_monitor

[0x7] Shutdown listener via iSQL*Plus

[0x8] Shutdown listener via Forms Servlet

[0x9] Plaintext Passwords logged during Installation of Oracle HTMLDB

[0xA] Cross-Site-Scripting Vulnerabilities in Oracle HTMLDB

Shon Harris' Amazon Blog

Shon Harris' Amazon Blog

[0x1] You don't need to meet any requirements to sit the exam - you can gain them as time goes on.

[0x2] Economical Uncertainities

[0x3] New Material on the CISSP Exam in 2009?

[0x4] Connecting with Shon Harris

[0x5] Part 5 of 5 - Having the Right Perspective on the World of Security

[0x6] Part 4 of 5 - Learning Security through the View of CISSP versus Reality

[0x7] Part 3 of 5 - Is It Really A Waste Of Time To Learn About The Wide Spectrum Of Topics Covering Security?

[0x8] Part 2 of 5 -Training For CISSP – The Early Days

[0x9] Busting through the Myths of the CISSP Exam

[0xA] What do CISSPs Really Know?

Computerworld Blogs

[0x1] Charles Thacker wins Turing Award

[0x2] iPhone app contract shows Apple is the enemy of open source

[0x3] It's time to end government-funded iPhone apps (and curb Apple's control-freak tendencies)

[0x4] Always glad to pitch in

[0x5] Apple's iPad: Awkward to use in any position? And other questions

[0x6] Ex-Sun CEO dishes dirt: Steve Jobs as Apple "patent troll"

[0x7] I want a Mac Mini on steroids

[0x8] And the winner of the Novell sweepstakes is...Microsoft?

[0x9] Whiz kid weighs in on Windows 7

[0xA] The Linux desktop is already here

PaulDotCom

[0x1] PaulDotCom Security Weekly - Episode 189 - March 5, 2010

[0x2] Episode 189 date & time change!

[0x3] SSH gymnastics with proxychains

[0x4] "IPv6 Survival Guide" seminar discount offer!

[0x5] PaulDotCom Security Weekly - Episode 188 - February 25, 2010

[0x6] PaulDotCom Episode 188 Featuring Daniel Suarez

[0x7] Meterpreter script to unlock the screensaver

[0x8] Killing the Monkey in the Middle

[0x9] Links between forensics and pen tests

[0xA] Running a command on every machine in your domain from the command line

Ministry of Justice Latest news

[0x1] Tribunal awards: defaulters' names to be put on public debt register

[0x2] Powers of Attorney cost reduction takes effect

[0x3] New probation trusts announced to cut reoffending

[0x4] Law firms to allow non-lawyer partners

[0x5] Appointment of new members to Advisory Panel on Public Sector Information

[0x6] Guide to Criminal Procedure (Amendment No. 2) Rules 2008

[0x7] Her Majesty's Courts Service key performance indicators 2009-10

[0x8] Public have their say on how criminals payback

[0x9] Domestic violence: 18 new special courts announced

[0xA] Justice minister welcomes annual report on deaths in custody

Free IT - Data Management Magazines and Downloads from bestsecuritytips.tradepub.com

Free publications and offers about databases and data management.

[0x1] A Greener Planet Starts with Smarter IT

[0x2] Reaping the Benefits of Next Generation Dashboards

[0x3] Today's Integrated Approach to Global Logistics and Fulfillment

[0x4] Achieving Compliant Manufacturing Excellence through Real-time Performance Management and Continuous Improvement

[0x5] US Federal Roadmap to Effective eGovernment

[0x6] 15-Minute Guide to Intelligent Capture

[0x7] Forrester Study: Good Governance, Compliance and Archiving

[0x8] Good Information Governance - Addressing Compliance, eDiscovery, and Information Privacy

[0x9] IDC White Paper: Information Governance for the 21st Century - Building an Archive-based Architecture to Support Information Management

[0xA] Cost Effective Security and Compliance with Oracle Database 11g Release 2

Government Technology Public Safety / Justice / Homeland Security News

Government Technology: News: Public Safety / Justice

[0x1] Better Productivity and Officer Safety Part 3 of Front Line Technology Series

[0x2] High-Tech Tools Detect Weapons of Mass Destruction at Los Angeles Port Complex

[0x3] Washington, D.C., Tracks Fire Hydrants with Analytics and Asset-Management Software

[0x4] Improving Data Quality to Reduce Fraud and Increase Revenue

[0x5] Public Safety Projects to Connect Emergency Crews in Morris County, N.J.

[0x6] Keeping Officers Connected Part 1 of the Front Line Technology Series

[0x7] School District Spied on Students via Laptop Webcams, Lawsuit Claims

[0x8] Early Earthquake Warnings May Help Californians in Disaster Preparation

[0x9] San Jose, Calif., Upgrades 911 Call Center Technology

[0xA] Washington, D.C., Partners with Feds to Test 4G Technology for National Public Safety Network

Hack a Day

Fresh hacks every day

[0x1] Game glove learns your weakness

[0x2] R2D2 build video

[0x3] Will this mouse get me kicked out of the coffee shop?

[0x4] One minute review of your wasted time

[0x5] Add a clean room to your workshop

[0x6] LEGO sequencer builds sound in 3D

[0x7] Tube clock database

[0x8] Cardboard Androids

[0x9] LEDs invade coffee table crevice

[0xA] Dr. Boardman’s Color Conundrum

good coders code, great reuse

Peteris Krumins' blog about programming, hacking, software reuse, software ideas, computer security, google and technology.

[0x1] Visual Math Friday

[0x2] Vim Plugins You Should Know About, Part VII: ragtag.vim (formerly allml.vim)

[0x3] Donald Knuth’s First Computer

[0x4] MIT Linear Algebra, Lecture 6: Column Space and Null Space

[0x5] Deriving the Y-Combinator

[0x6] Must-Have Windows Software (or Windows Programs that I use)

[0x7] Famous Perl One-Liners Explained, Part V: Text conversion and substitution

[0x8] How to keep track of who’s talking about you

[0x9] How to Steal a Botnet (Video Lecture Summary)

[0xA] MIT Linear Algebra, Lecture 5: Vector Spaces and Subspaces

CSOONLINE.com - Awareness

[0x1] Awareness tool: Spotting online scams

[0x2] Social Media Risks: The Basics

[0x3] Companies on IT Security Spending: Where's the ROI?

[0x4] Social Engineering: The Basics

[0x5] 10 Things That Didn't Happen in 2009 (And Probably Won't Happen in 2010)

[0x6] Checklist: 11 Security Tips for Black Friday, Cyber Monday

[0x7] 3 Basic Steps to Avoid Joining a Botnet

[0x8] The Cloud Security Survival Guide

[0x9] PCI DSS: No Angel, But Certainly Not the Devil

[0xA] 7 Ways to Stay Happy in a Miserable Profession

GlobalSecurity.org

Reliable Security Information from GlobalSecurity.org.

[0x1] DoD News: Contracts for March 09, 2010

[0x2] Biden Urges Israel to Take Risks for Peace, Reassures Israelis They Have Washington's Backing

[0x3] Coalition Troops Capture Militant Commanders

[0x4] More NATO Trainers Key to Afghan Effort

[0x5] More Military Trainers Needed in Afghanistan

[0x6] National leaders set to discuss Euro-NATO pilot training

[0x7] Global Threats Demand Broad Response, Admiral Says

[0x8] Army Aviation High Altitude Mountain Environmental Training Strategy

[0x9] Ban to visit Israel and occupied Palestinian territories later this month

[0xA] UN and aid partners call for $60 million to help 110,000 Congolese refugees

SecuObs.com

Observatoire de la securite Internet

[0x1] Shmoocon 2010 GPU vs CPU Supercomputing Security Shootout 1 3

[0x2] RSA Conference USA 2010 Shifts in the Security Paradigm What Cloud and Collaboration Demand

[0x3] Malware Analyzis Sandbox and PC Remote Control over Twitter Hak5

[0x4] Biometric ID Card Storm Troopers Raid Philly Bars

[0x5] BIOMETRIC ID CARD

[0x6] open vpn vista flv

[0x7] Malicious Email Social Engineer Attack using Social Engineers

[0x8] Ollydbg

[0x9] Shmoocon 2010 An Existential Threat To Security As We Know It 1

[0xA] Shmoocon 2010 Windows File Pseudonyms Strange filenames and haiku 1 3

Virtual Shadows

the privacy blog!

[0x1] Priorities when it comes to data privacy

[0x2] Google’s real-search algorithm

[0x3] digital immortality ;-)

[0x4] Controlscan tarnishes integrity on the use of privacy seals

[0x5] Beware of school authorities bearing gifts ;-)

[0x6] Vikings on ice

[0x7] Don’t toot your horn!

[0x8] Get your Google ranking

[0x9] Power to the people of Skåne!

[0xA] Virtual RIP

CSOONLINE.com - Privacy

[0x1] Five Security Missteps Made in the Name of Compliance

[0x2] FTC Warns Nearly 100 Firms of P2P Data Leaks

[0x3] Irate Parents in Pa. Say Schools Use 'peeping Tom Technology'

[0x4] Pa. Schools Spy on Students Using Laptop Webcams, Claims Lawsuit

[0x5] Facebook Hit with Class Action Over Privacy Changes

[0x6] Four Signs of an Easy Victim on Social Networks

[0x7] Meeting of the Minds

[0x8] Google Buzz Criticized for Disclosing Gmail Contacts

[0x9] Why CSOs Should Care About ShmooCon

[0xA] ShmooCon | Your iPhone's Dirty Little Security Secret

Government Technology Product News

Government Technology: News: Products

[0x1] Microsoft CEO Steve Ballmer Says Company's Future Is in the Cloud

[0x2] New Products From Canon, Garmin, Freescale

[0x3] Microsoft Unveils Dedicated Cloud for Government

[0x4] Visualization Platform Gives Stakeholders Sneak Peek of New Applications

[0x5] Industrial Vending Machines Provide Work Gloves, Duct Tape and Other Essentials to City Staff

[0x6] New Products from Aluratek, Gateway, Memorex

[0x7] New Products from Plastic Logic, Pantech, Panasonic

[0x8] Microsoft Loses Appeal, Can No Longer Sell Word

[0x9] New Products from GammaTech, TomTom, IRES Technology Corp.

[0xA] Personal Computing: Multifunction Printers Increase in Popularity

CIO Security

Latest Security issues from CIO UK

[0x1] Atos Origin signs up consultants expecting market growth

[0x2] Doctors demand halt to NHS electronic records

[0x3] Capgemini offers cloud services under new business unit

[0x4] Rural group campaigns for 2Mbps broadband

[0x5] Ford gets scrappage boost from modelling software

[0x6] IBM CEO picks £14.1 million pay package

[0x7] Women CIOs show strong leadership on International Women's Day

[0x8] HP cuts profit figures due to BSkyB costs

[0x9] Continued IT jobs growth say recruiters

[0xA] CSC robustly defend £13bn NHS IT project

SecurityFocus News

SecurityFocus is the most comprehensive and trusted source of security information on the Internet. We are a vendor-neutral site that provides objective, timely and comprehensive security information to all members of the security community, from end users, security hobbyists and network administrators to security consultants, IT Managers, CIOs and CSOs.

[0x1] News: Change in Focus

[0x2] News: Twitter attacker had proper credentials

[0x3] News: PhotoDNA scans images for child abuse

[0x4] News: Conficker data highlights infected networks

[0x5] Brief: Google offers bounty on browser bugs

[0x6] Brief: Cyberattacks from U.S. "greatest concern"

[0x7] Brief: Microsoft patches as fraudsters target IE flaw

[0x8] Brief: Attack on IE 0-day refined by researchers

[0x9] News: Monster botnet held 800,000 people's details

[0xA] News: Google: 'no timetable' on China talks

EliteHackers.info Discussion Forums

EliteHackers.info has a large memberbase on our forums. We also have a files database, a text & tutorials archive. There is also a proxy list section as well as our ports list database.

[0x1] run vbscript from jscript in windows script handler

[0x2] Xcode

[0x3] I Miss The Old You

[0x4] What Should I do?

[0x5] Photobucket Private?

[0x6] Website design

[0x7] 100Mbps broadband

[0x8] How to?

[0x9] recooping

[0xA] Ecryption test

InformationWeek - All Stories And Blogs

InformationWeek

[0x1] Tibco Brings Analytics To Spotfire 3.1

[0x2] InformationWeek's RSS Feed is brought to you by

[0x3] EnterpriseDB Tapped For Online Gaming

[0x4] Amazon Seeking Kindle Browser Refresh?

[0x5] Extending Your Storage

[0x6] HP Offers iPad Alternative

[0x7] Feds Ease Software Export Restrictions

[0x8] Global CIO: How CEOs See Cloud Computing

[0x9] NY BlueCross To Cover Telehealth Services

[0xA] Google Launches Store For Web Apps

VUPEN Security Advisories

VUPEN - Vulnerabilities and Security Advisories 24/7

[0x1] VUPEN - MediaWiki Security Bypass and Information Disclosure Vulnerabilities

[0x2] VUPEN - SSH Tectia Audit Player Security Update Fixes Multiple Vulnerabilities

[0x3] VUPEN - Dovecot "mbox" Message Header Processing Denial of Service Issue

[0x4] VUPEN - Fedora Security Update Fixes EsoRex Libtool Untrusted Path Issue

[0x5] VUPEN - Fedora Security Update Fixes Samba Security Bypass Vulnerability

[0x6] VUPEN - Fedora Security Update Fixes Moin Security Bypass Vulnerabilities

[0x7] VUPEN - Fedora Security Update Fixes cURL Data Callback Excessive Length

[0x8] VUPEN - Fedora Security Update Fixes Bournal Two Local Vulnerabilities

[0x9] VUPEN - Mandriva Security Update Fixes PHP Security Bypass Vulnerabilities

[0xA] VUPEN - Debian Security Update Fixes tDiary Cross Site Scripting Vulnerability

Cisco Security Advisories

Cisco Security Advisories (the 40 most recent advisories)

[0x1] Cisco Unified Communications Manager Denial of Service Vulnerabilities

[0x2] Cisco Digital Media Player Remote Display Unauthorized Content Injection Vulnerability

[0x3] Multiple Vulnerabilities in Cisco Digital Media Manager

[0x4] SNMP Version 3 Authentication Vulnerabilities

[0x5] Multiple Vulnerabilities in Cisco Security Agent

[0x6] Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerability

[0x7] Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances

[0x8] Multiple Vulnerabilities in Cisco IronPort Encryption Appliance

[0x9] Multiple Vulnerabilities in Cisco Unified MeetingPlace

[0xA] Transport Layer Security Renegotiation Vulnerability

CNET News - Security

[0x1] Malware found on HTC Android phone from Vodafone

[0x2] Microsoft warns of zero-day IE hole on Patch Tuesday

[0x3] Drudge Report accused of serving malware, again

[0x4] Backdoor found in Energizer Duo USB battery charger

[0x5] Police get Webcam pictures in school spy case

[0x6] RSA 2010: Taking on cyberthreats

[0x7] Microsoft to fix eight Windows and Office holes

[0x8] Symantec exhibit makes cybercrime tangible

[0x9] 'Mission Impossible'-style heist hits N.J. Best Buy

[0xA] Study lauds IE for blocking Web's social attacks

Suspekt...

A Blog About Code, Information Security, PHP And More

[0x1] Suhosin-Patch 0.9.9.1

[0x2] Month of PHP Security - Blog Post Drawing

[0x3] Patch breaks Suhosin Security Feature in Debian Unstable/Testing

[0x4] Month of PHP Security 2010 - CALL FOR PAPERS

[0x5] Sneak Preview: Month of PHP Security 2010

[0x6] Advisory 03/2009: Piwik Cookie unserialize() Vulnerability

[0x7] SektionEins PHP Security Poster

[0x8] RSS09: Web Application Firewall Bypasses and PHP Exploits

[0x9] Shocking News in PHP Exploitation

[0xA] CGNSec October 2009

Codenomicon News - RSS Feed

Codenomicon News - RSS Feed

[0x1] MSF Introduces Robustness Testing at LTE IOT event

[0x2] Microsoft selects Codenomicon to join the SDL Pro Network

[0x3] Codenomicon is offering a free fuzzing tool

[0x4] Check out the latest Codenomicon Newsletter

[0x5] Codenomicon CROSS team finds IPv6 vulnerability in Linux kernel

[0x6] Looking for Summer Trainees (Oulu, Finland)

[0x7] Codenomicon Board Member Appointed US Chief of Cybersecurity

[0x8] Check out the latest Codenomicon Newsletter

[0x9] Codenomicon is recognized for its Leadership in the Security Test Market

[0xA] Codenomicon releases the first software based general purpose security testing solution

CSOONLINE.com - Critical Infrastructure

[0x1] Chertoff: Tracing Attack Source Key to Cybersecurity Strategy

[0x2] Sinking to Their Level: Protecting Municipal Infrastructure

[0x3] The Bumbling Airline Bomber, Stupid Reactions, and 8 Real Security Takeaways

[0x4] Security and Building Design: What Changed in This Decade

[0x5] Digital Security Stalled as Obama Eyes Afghanistan

[0x6] I Was Wrong: There Probably Will Be an Electronic Pearl Harbor

[0x7] How 9-11 Shaped Hoover Dam Security Operations

[0x8] Hoover Dam Security in Pictures

[0x9] Report: China Ready for Cyberwar, Espionage

[0xA] Charitable Risk: Security Challenges of the Bill and Melinda Gates Foundation

Splunk Blogs

[0x1] Universally Indexing Business Data

[0x2] Our First Splunk Live! in Munich, Germany

[0x3] Real Life in the Digital World of Warcraft

[0x4] Pollution is Bad

[0x5] Splunk on the road with Accenture, Swisscom, Cox, Atlanta Journal Constitution, Voxeo and Coleman Technologies

[0x6] Guess What Time It Is

[0x7] SCALE in Review

[0x8] Free as in Beer, Free Beer and a Discount Code for RSA

[0x9] Splunk at SCALE 8x in LA This Weekend

[0xA] Breaking Up is Hard to Do

The new Security and Penetration Testing Community - ArcaneSecurity.net - The new Security and Penetration Testing Portal

A new Information and Penetration Testing Protal for all security and network professionals. The site include a number of whitehat hacking tools and documents like nmap,dsniff,etterkap,yersinia,cisco security.

[0x1] Honeypot

[0x2] The Conflicker Worm

[0x3] Thoughts on Security of the Corporate documents

[0x4] Are Security Audits necessary ?

[0x5] RFID, its implications and how to defeat

[0x6] Assesing Risks

[0x7] FBI Raids: Pertinent or Paranoid?

[0x8] Protecting Children Online

[0x9] Sarbanes Oxley and IT

[0xA] Phishing For Your Identity

The TSA Blog

Terrorists Evolve. Threats Evolve. Security Must Stay Ahead. You Play A Part.

[0x1] Live Aviation Security Chat with Secretary Napolitano on Facebook 3/9/10

[0x2] Backscatter Advanced Imaging Technology on Its Way to First Eleven Airports

[0x3] What Ever Happened To The Shoe Scanner Idea?

[0x4] What Happens If My Hands Alarm During an Explosives Trace Detection Test (And other questions answered)

[0x5] Four Year Old Boy In Philly Told To Remove Leg Braces

[0x6] Explosive Trace Detection Usage Expanded: Give Us A Hand

[0x7] Bollywood Confidential

[0x8] TSA Haiti Evacuation Effort: A Federal Security Director's Perspective

[0x9] Orlando Officer Arrested

[0xA] What’s Wrong With This Picture?

Deb Shinder's Blog

Deb Shinder is MS SECURITY. An Enterprise Security MVP, she has the “inside story” on all topics related to securing Microsoft networks, from the server all the way down to the network-connected smart phone. Her blog will address Microsoft’s security products and technologies including those built into the operating system (access controls and permissions, EFS, BitLocker, etc.), network security technologies (Active Directory, IPsec, DirectAccess, etc.) and separate security products (ISA Server/TMG, IAG, ILM and the Forefront family of client and server security products and services). This blog focuses on how network administrators and network security specialists can create a multi-layered security strategy, develop sound security policies, and build a strong line of defense around the network to prevent both internal and external attack.

[0x1] Battery charger can infect computers with a Trojan

[0x2] Should software vendors be held liable for vulnerabilities that lead to security breaches?

[0x3] NSS Labs: IE 8 beats other browsers at stopping social attacks

[0x4] VBS vulnerability in Internet Explorer on Windows 2000/XP/Server 2003

[0x5] Fake Amazon order confirmations contain link to malware

[0x6] Microsoft vs. the Botnet

[0x7] Reputation filtering can boomerang on you when doing penetration testing

[0x8] U.S. Cybersecurity law will require licensing of (some) IT security professionals

[0x9] Malicious .PDF files outpace Flash exploits to become most frequently encountered exploit type on the web

[0xA] Malware: The real cause of the XP BSODs

CSOONLINE.com - Wireless/Mobile

[0x1] There's an Insecure App for That

[0x2] Tuning Snort with Host Attribute Tables

[0x3] How to Make Things Worse With IT Security Technology

[0x4] Why CSOs Should Care About ShmooCon

[0x5] ShmooCon | Your iPhone's Dirty Little Security Secret

[0x6] ShmooCon | P2P Snoopers Know What's In Your Wallet

[0x7] How Wi-Fi Attackers Are Poisoning Web Browsers

[0x8] Taken to the Cleaners

[0x9] Why the IE-Google Incident Should Worry You

[0xA] The Curse of Cloud Security

Hackyourself.net Information Security Blog

Hack Yourself...before someone else does!

[0x1] Where are the DBAs?

[0x2] Some Free Web App Security Testing Tools & Resources

[0x3] CWE Top 25 Breakdown – Part 3 of 4

[0x4] CWE Top 25 Breakdown – Part 2 of 4

[0x5] CWE Top 25 Breakdown – Part 1 of 4

[0x6] Should I be worried about my web applications?

[0x7] Does PCI Compliance Work?

[0x8] Top 10 Issues Observed During Pen Tests in 2008

[0x9] A PHP Framework Worth Looking Into

[0xA] OSI is Dead

Capi's Corner

Development, Network, Security, Ideas & Opinions

[0x1] Remaining Windows Vista/7 “rearm count”

[0x2] Novatel Merlin U740 using only Windows 7 onboard tools

[0x3] tr.im to be shut down

[0x4] URL shortening services soon to be under siege?

[0x5] Windows Vista Home/Business/Enterprise has a telnet client, too

[0x6] How to force Git to consider a file as binary

[0x7] Router default password database

[0x8] 25C3 CTF – 2nd place for Hagenberg’s team “h4ck!nb3rg”

[0x9] My initial git settings for any repository

[0xA] A new design for my blog

DojoSec

Security. Thought. Leadership.

[0x1] Interview with Dan Kaminsky at ShmooCon 2010

[0x2] Information Security and Starfish

[0x3] Jeremy Brown – From Static Analysis to 0day Exploit

[0x4] Mobile Communications Security Symposium

[0x5] Marcus’ Mailbag: Policy, Enforcement, and Monitoring

[0x6] Virtualization is Great for Forensics

[0x7] Google Hacking Renders Redaction Futile

[0x8] Metasponse Talk at Techno Forensics

[0x9] Cloud Computing and Sunburn

[0xA] Malwarebytes – An Effective Malware Removal Tool

US-CERT Cyber Security Tips

US-CERT Cyber Security Tips describe and offer advice about common security issues for non-technical computer users. Tips are restricted to a single topic, although complex issues may span multiple tips. Each tip builds upon the knowledge, both terminology and content, of those published prior to it.

[0x1] ST04-022: Understanding Your Computer: Web Browsers

[0x2] ST04-021: Understanding Your Computer: Operating Systems

[0x3] ST04-020: Protecting Portable Devices: Data Security

[0x4] ST04-019: Understanding Encryption

[0x5] ST04-018: Understanding Digital Signatures

[0x6] ST04-017: Protecting Portable Devices: Physical Security

[0x7] ST04-016: Recognizing and Avoiding Spyware

[0x8] ST04-015: Understanding Denial-of-Service Attacks

[0x9] ST04-014: Avoiding Social Engineering and Phishing Attacks

[0xA] ST04-013: Protecting Your Privacy

Security - RSS Feeds

Security - RSS Feeds

[0x1] What RSA is Saying Now About IT Security

[0x2] Microsoft Warns IE Under Attack on Patch Tuesday

[0x3] Apple iPad Security Considerations for the Enterprise

[0x4] Google Apps Premier Adds Mobile Device Management

[0x5] Cloud Computing's 7 Deadliest Security Risks

[0x6] Energizer Duo Trojan May Have Infected PCs for 3 Years

[0x7] How to Reduce Security Risks Associated with Storing Credit Card Data

[0x8] Trend Micro Reveals Cloud Computing Security Strategy

[0x9] RSA: Cutting Through the Cloud Security Talk

[0xA] Russian Banking Trojan BlackEnergy 2 Unmasked at RSA

GovInfoSecurity.com Agency Alerts RSS Syndication

GovInfoSecurity.com RSS News Feeds on government information security agency alerts.

[0x1] NIST Special Publication 800-73-3: Interfaces for Personal Identity Verification, Part 4

[0x2] NIST Special Publication 800-73-3: Interfaces for Personal Identity Verification, Part 3

[0x3] NIST SP 800-73-3: Interfaces for Personal Identity Verification, Part 2

[0x4] NIST SP 800-73-3: Interfaces for Personal Identity Verification, Part 1

[0x5] NIST Special Publication 800-37 Revision 1: Guide for Applying the Risk Management Framework to Federal Information Systems A Security Life Cycle Approach

[0x6] NIST: Guidelines for the Secure Deployment of IPv6 (Draft)

[0x7] President Obama's Healthcare Reform Plan

[0x8] Capability of the People's Republic of China to Conduct Cyber Warfare and Computer Network Exploitation

[0x9] DoJ: Report to Congress on Implementation of Section 1001 of the USA PATRIOT Act

[0xA] NIST IR 7628 (Draft): Smart Grid Cybersecurity Strategy and Requirements

Security Justice

Security Justice

[0x1] Security Justice Episode 22 – Physical Security, Interview with a Locksmith

[0x2] Shmoocon and how to protect yourself from Shmooball attackers!

[0x3] Security Justice Episode 21 – Woot.com, Hack Challenge, @dave_rel1k and SET

[0x4] Security Justice Episode 20 – Shmoocon 2010 Interview with Bruce Potter (@gdead)

[0x5] Security Justice Episode 19 – Epic Interview with Jason Scott (@textfiles)

[0x6] Select Talks from ISS2009 Now Available for Download

[0x7] Security Justice Special Edition – Interview with Richard Bejtlich (@taosecurity)

[0x8] Security Podcasters “Go the Mo” for Men’s Health

[0x9] Security Justice Special Edition – Jayson Street and Dissecting the hack: the f0rb1dd3n network

[0xA] Security Justice Episode 18 – Louisville InfoSec, Rapid7, Interview with Wesley McGrew

Infosec Island Latest Articles

Adrift in Threats? Come Ashore!

[0x1] Analyst Study Shows Employees Continue to Put Data at Risk

[0x2] Even Einstein Can’t Track Google’s “Script Kiddie” Hackers

[0x3] Newbie Introduction to Digital Forensics Part 2

[0x4] Simple Log Review Checklist Released!

[0x5] Press F1 for Help, pwned.

[0x6] Fiserv to Banks: Stay on Outdated Adobe Reader

[0x7] Newbie introduction to digital forensics Part 1.

[0x8] Trust but verify...

[0x9] Google, Adobe, and Big Oil Attack Commonalities

[0xA] Building your OWN Malware Lab (Part 2)

My Security Planet

My Security Planet

[0x1] extern blog SensePost; : Decrypting Symantec BackupExec passwords

[0x2] 1 Raindrop: Minnesota ISSA Talk

[0x3] Schneier on Security: Marc Rotenberg on Google's Italian Privacy Case

[0x4] 1 Raindrop: Three Steps to a Rational Security Budget

[0x5] Tactical Web Application Security: WAF Virtual Patching Workshop at Blackhat USA 2010

[0x6] ModSecurity Blog: WAF Virtual Patching Workshop at Blackhat USA 2010

[0x7] 1 Raindrop: On the Risk of Overfocusing on Seductive Details

[0x8] SEO BlackHat: Black Hat SEO Blog: Why 6th Place in Search Might Soon Be a Player

[0x9] Schneier on Security: Guide to Microsoft Police Forensic Services

[0xA] funkatron.com: Links for 2010-03-08 [del.icio.us]

Casper Dik's Weblog

Casper Dik's Weblog

[0x1] OGP election

[0x2] NLOSUG: 26/10/2006 Dutch OpenSolaris User Group First Meeting

[0x3] Updated drivers: but only at www.opensolaris.org

[0x4] Small acpidrv update

[0x5] OpenSolaris User Group Meeting, Amsterdam, October 18th

[0x6] Laptop community live!

[0x7] Laptops

[0x8] First Installment (of frkit)

[0x9] User Credentials and all that

[0xA] Southpark Stdio

SecurityInfoWatch Forums - Discussions for the Security Professional

Security discussion forums on topics of security management, policies, guard services, loss prevention, homeland security, alarm systems, network video, security jobs

[0x1] Gimme a cheeseburger...

[0x2] Covert Cameras

[0x3] Earthquakes

[0x4] Bike Patrol

[0x5] Pelco cam install

[0x6] There is Value in Quality!

[0x7] Be careful out there!

[0x8] Suggestions?

[0x9] Things you wish you'd been told BEFORE you started doing security

[0xA] LPInformation

Info Security News

Carries news items (generally from mainstream sources) that relate to security.

[0x1] Thailand approves extradition of credit card hack suspect

[0x2] RSA: Cybersecurity A Joint Fed, Industry Effort

[0x3] Cybersecurity program has serious defects, GAO says

[0x4] Ford Motor Rolls Out New Security Features To Prevent Car-Hacking

[0x5] Backdoor found in Energizer Duo USB battery charger

[0x6] FDIC: Hackers took more than $120M in three months

[0x7] Tokyo's Cyber Emergency Centre at the vanguard of hacking defence

[0x8] The Corporate Side of Snooping

[0x9] Microsoft's tax-for-hacks 'horrible' idea, say security experts

[0xA] Facebook founder Mark Zuckerberg 'hacked into emails of rivals and journalists'

SANS Information Security Reading Room

Last 25 Computer Security Papers added to the Reading Room

[0x1] SANS 2009

[0x2] Penetration Testing in the Financial Services Industry

[0x3] Identifying Load Balancers in Penetration Testing

[0x4] IT Guidance to the Legal Team

[0x5] Building Servers as Appliances for Improved Security

[0x6] One Admin�s Documentation is their Hacker�s Pentest

[0x7] Meeting Compliance Efforts with the Mother of All Control Lists (MOACL)

[0x8] Comprehensive Blended Malware Threat Dissection Analyze Fake Anti-Virus Software and PDF Payloads

[0x9] Incident Handling as a Service

[0xA] Analyzing Enterprise PKI Deployments

Latest News for All Threats

[0x1] International cyber crime group charged

[0x2] Four year jail sentence for webcam hacker

[0x3] Credit card fraudsters jailed in UK

[0x4] Estonia arrests first hacker over cyberattacks

[0x5] Russian news sites suffer DoS attacks

[0x6] Spammers sued for $1bn

[0x7] Hackers target official Estonian portals in conflict over Soviet-era monument

[0x8] "Bumbling" hacker speaks out at Infosec

[0x9] Changes to UK cybercrime legislation are in the air

[0xA] Report shows Britons up for online risks

The Web Security Mailing List (WASC)

The Web Security Mailing List is an open information forum for discussing topics relevant to web security.

[0x1] [WEB SECURITY] Question & Answer guide for web application security testing

[0x2] Re: [WEB SECURITY] Need a real Java web application (with constraints)

[0x3] RE: [WEB SECURITY] Need a real Java web application (with constraints)

[0x4] [WEB SECURITY] Need a real Java web application (with constraints)

[0x5] [WEB SECURITY] Re: Need a real Java web application with vulnerabilities

[0x6] RE: [WEB SECURITY] Re: Need a real Java web application with vulnerabilities

[0x7] Re: [WEB SECURITY] Re: Need a real Java web application with vulnerabilities

[0x8] Re: [WEB SECURITY] Need a real Java web application with vulnerabilities

[0x9] Re: [WEB SECURITY] Need a real Java web application with vulnerabilities

[0xA] Re: [WEB SECURITY] Need a real Java web application with vulnerabilities

ZDNet UK News - Security News

ZDNet UK News - Security News

[0x1] Microsoft warns of zero-day Internet Explorer bug

[0x2] Virus found on Vodafone HTC Android phone

[0x3] MEPs seek delay to passenger data vote

[0x4] Cryptographers discuss wisdom of 'foolishness'

[0x5] Cybercrimes expand to global brands

[0x6] Backdoor in Energizer Duo USB battery charger

[0x7] McAfee cuts two percent of workforce

[0x8] Apache flaw opens systems up to attack

[0x9] EU pushes for healthcare records share with US

[0xA] Web intercept group has spent £14m since January

NoScript Updates

Recent stable releases from noscript.net

[0x1] NoScript 1.9.9.50

[0x2] NoScript 1.9.9.49

[0x3] NoScript 1.9.9.47

[0x4] NoScript 1.9.9.45

[0x5] NoScript 1.9.9.42

[0x6] NoScript 1.9.9.39

[0x7] NoScript 1.9.9.36

[0x8] NoScript 1.9.9.35

[0x9] NoScript 1.9.9.30

[0xA] NoScript 1.9.9.27

CSOONLINE.com - Preparedness

[0x1] Travel Security: What to Pack to Survive a Natural Disaster

[0x2] Massive Storms Don't Halt D.C. IT Ops

[0x3] DDoS Attacks Are Back (and Bigger Than Before)

[0x4] Lack of Telework Preparedness Puts Business Continuity in Danger?

[0x5] How to Perform a Disaster Recovery Business Impact Analysis

[0x6] Most Businesses READY for Flu Pandemic?

[0x7] Business Continuity and Disaster Recovery in a Tornado Zone

[0x8] Swine Flu: Watching the Southern Hemisphere for Signs of H1N1 Havoc

[0x9] WHO Declares Swine flu a Pandemic. Now What?

[0xA] Survey: Business Continuity Plans Factor in Mobile, Social Networking

ZDI: Recent Press

Recent Press Hits

[0x1] Zero-days flaws surface in Apple Safari

[0x2] Hacker Report 'High Risk' Flaws in Safari Browser

[0x3] Apple Safari To Give Up First In Hacking Contest Read more: http://www.itproportal.com/security/news/article/2010/2/18/apple-safari-give-first-hacking-contest/#ixzz0fuBPCmbf

[0x4] Will Apple's Safari Fall First in Hacking Contest ... Again?

[0x5] Hacking contest organizer: Safari will fall first

[0x6] Contest offers $100,000 for smartphone, browser hacks

[0x7] Hackers at Pwn2Own to compete for $100K in prizes

[0x8] CanSecWest Pwn2Own Hacker Contest Targets Smartphones

[0x9] Microsoft, Google split over browser bug bounty

[0xA] Researchers warn of likely attacks

Twitter / amrittsering

Twitter updates from Amrit Williams / amrittsering.

[0x1] amrittsering: RT @brianmadden: Hey! Neocleus has a strategy now! (They plan to OEM their client hypervisor to others. The first is BigFix.) http://bit ...

[0x2] amrittsering: RT @newmediajim: RT @BreakingNews Pentagon locked down after shooting at entrance to adjacent Metro subway station - NBC News

[0x3] amrittsering: RT @newmediajim: Hearing reports of shooting at Pentagon Metro entrance. Standing by for more details

[0x4] amrittsering: rt @sfoak RT @devilok: Apple snags former Mozilla Security Chief - Window Snyder http://bit.ly/9na36h << go Window! << bout time =)

[0x5] amrittsering: RT @securitycast: Now playing Amrit Williams/021210_BTP_Cassandra2. Listen at http://www.securitycast.net:8000/securitycast.mp3.m3u #sec ...

[0x6] amrittsering: http://twitpic.com/163vk0 - Intercontinental rocks flashy lights and shiny objects - come to daddy!

[0x7] amrittsering: Pre-RSA bad ideas: 100 Front Squats at 60% of 1 max rep, my legs are aching...

[0x8] amrittsering: Oh wait I just made myself LOL =)

[0x9] amrittsering: @rsasecurity What are you most looking forward to this year at #RSAC? <- Honest, fresh, and original approaches to materially improving sec

[0xA] amrittsering: @Beaker Forget it - we can talk about it later - too hard on Twitter. On conf call, trying to pack, answering mail/etc...

CSOONLINE.com - Identity & Access

[0x1] Biometrics: What, Where and Why

[0x2] Free Lunch 2010: Why Public Algorithms Beat the Alternative

[0x3] Take a Walking Tour of Your Company's Security

[0x4] Groundhog Day: The Gartner IAM 2009 Event in Review

[0x5] Top Microsoft Security Architect: Windows 7 Will Slash Malware

[0x6] 6 Ways We Gave Up Our Privacy

[0x7] Where Defense in Depth Falls Short

[0x8] Defining Cloud Security: Six Perspectives

[0x9] News Flash: Data Debauchery That Happens in Vegas Doesn't Stay There

[0xA] Mass. Makes Changes to ID Theft Regulations

Hackers Center Blogs

[0x1] Data Related to Kneber Botnet breach recovered by Netwitness

[0x2] Building security into business processes

[0x3] Spy Eye tool kit goes after Zeus botnet

[0x4] Black Hat: Researcher claims hack of chip used to secure computers, smartcards

[0x5] China steals Google's data

[0x6] PortSwigger.net - web application security

[0x7] eLearnSecurity : Breaking into system is no more enough

[0x8] NIST releases Security Content Automation Protocol for FISMA

[0x9] A zero-day flaw in the TLS and SSL protocols, which are commonly used to encrypt web pages, has been made public.

[0xA] Use Data Masking to Secure Sensitive Data in Non-Production Environments

GovInfoSecurity.com Blogs RSS Syndication

GovInfoSecurity.com.com Blog RSS Feeds

[0x1] The 'P' in PCI Should Stand for People

[0x2] PCI: A Vital Standard for Government

[0x3] Cybersecurity Vs. Cyber Warfare

[0x4] Confessions of a Cyber Czarist

[0x5] Cybersecurity: One Step Forward

[0x6] Should Biometrics Replace Passwords?

[0x7] Is it Dump on Obama Time?

[0x8] Lieberman Warns DHS with Humor

[0x9] 4 Tips on Insider Threats

[0xA] Security Tips for Last-Minute Buyers

XSSed syndication

You are welcome to syndicate and share xssed.com contents

[0x1] Diigo Toolbar - Global XSS and Information Leakage in SSL URLs

[0x2] Dot Net Nuke (DNN) XSS Vulnerability

[0x3] Sun Java Server Faces Input Handling Cross-Site Scripting

[0x4] ManageEngine ServiceDesk Plus Cross-Site Scripting Vulnerability

[0x5] Savvy Content Manager "searchterms" Cross-Site Scripting

[0x6] Alkacon OpenCms "filePath" Cross-Site Scripting and File Disclosure

[0x7] IBM Lotus QuickPlace Cross-Site Scripting Vulnerability

[0x8] BosClassifieds Classified Ads System "returnTo" Cross-Site Scripting

[0x9] Zimbra Collaboration Suite Script Insertion Vulnerability

[0xA] WebCT Mail/Discussion Board Message Script Insertion

WindowSecurity.com blogs

Welcome to our Network Security blogs. The blogs are updated on a regular basis with the latest news, information and insider gossip within the network security world and security related fields, such as cryptography.

[0x1] Battery charger can infect computers with a Trojan

[0x2] Should software vendors be held liable for vulnerabilities that lead to security breaches?

[0x3] NSS Labs: IE 8 beats other browsers at stopping social attacks

[0x4] VBS vulnerability in Internet Explorer on Windows 2000/XP/Server 2003

[0x5] Fake Amazon order confirmations contain link to malware

[0x6] Microsoft vs. the Botnet

[0x7] Reputation filtering can boomerang on you when doing penetration testing

[0x8] U.S. Cybersecurity law will require licensing of (some) IT security professionals

[0x9] Malicious .PDF files outpace Flash exploits to become most frequently encountered exploit type on the web

[0xA] Malware: The real cause of the XP BSODs

CSO Blogs - Career

[0x1] Routh to JP Morgan Chase; Kennedy to Praetorian

[0x2] Hacker, Cracker, Salafi, Spy - Be There!

[0x3] Connecticut AG files HITECH Act Law Suit…holy IT health records enablement!!

[0x4] Problem 5: Are You An Insider Threat?

[0x5] Hold Developers Legally Accountable for Software Security Flaws?

[0x6] The Customer is Clueless – Not!

[0x7] CyberTerror - the Arms Race We're Losing

[0x8] High Tech Firms Who Outsource Software Development to China - The Dirty Little Secret

[0x9] Good riddance!

[0xA] IT Talent Helping Haiti

Twitter / i0n1c

Twitter updates from Stefan Esser / i0n1c.

[0x1] i0n1c: Das Xing IT Security Forum ist ein Quell niemals endender Belustigung

[0x2] i0n1c: waiting in the cold again.it is really time for spring or summer.

[0x3] i0n1c: OO hasn't crashed the last 4 hours. Sun is shining outside, workday is nearly over. I think the rest of the day will be great.

[0x4] i0n1c: PHP SVN account request just came in - reason: "I'm one of Debian PHP maintainers". I think hell has to freeze over before he gets it

[0x5] i0n1c: @searchio Actually you seeing me tweeting about something means I take it easy.On a bad day I might just destroy the device I tweet with :P

[0x6] i0n1c: And OpenOffice crashed again... Destroying once again the work of the last X minutes...

[0x7] i0n1c: i totally forgot how joyful it is to take the subway to work.waiting outside in the cold because train is broken.

[0x8] i0n1c: @searchio Welcome to the club

[0x9] i0n1c: Diesen Donnerstag ist CGNSec - http://www.cgnsec.de

[0xA] i0n1c: Girlfriend just took the ICE to FRA.She will be in Korea by tomorrow.I am officially jealous :P

Network World on Firewalls

The latest firewall news, analysis and reviews on NetworkWorld.com.

[0x1] DHS Urges 'Sense of Urgency' for Cyber Security

[0x2] Cisco Unveils AnyConnect Secure Mobility

[0x3] Enterprise Security Tips on a Small-Business Budget

[0x4] How to Stop P2P Data Breaches

[0x5] Get Tough With Your Users to Protect Your Network

[0x6] 'Kneber' Botnet Attacks PCs Worldwide: FAQ

[0x7] Stay Ahead of Malicious PDFs With Latest Adobe Update

[0x8] Comodo Firewall: Superb, If You Ignore Extras

[0x9] Critical Windows Fixes For Network-based Attacks

[0xA] EPIC files FOIA request over reported Google, NSA partnership

NovaInfosecPortal.com

News, events, & resources for infosec professionals in NoVA, DC, & MD

[0x1] Where You Want to Be This Week for 2010-03-08

[0x2] Top 3 NoVA Infosec Blog Posts of the Week

[0x3] Grecs’ Weekly Infosec Ramblings for 2010-03-04

[0x4] RSA 2010 Coverage

[0x5] Where You Want to Be This Week for 2010-03-01

[0x6] Top 3 NoVA Infosec Blog Posts of the Week

[0x7] Grecs’ Weekly Infosec Ramblings for 2010-02-25

[0x8] ShmooCon 2010 Firetalks – Update 5 (aka – the Wrap-Up)

[0x9] Call for Intern Position

[0xA] GovSec Infosec Conference Event

lkml.org

lkml.org - the realtime linux kernel mailinglist archive

[0x1] Re: [PATCH] backlight: mbp_nvidia_bl - add five more MacBook variants

[0x2] Re: [PATCH 1/3] lockdep: Move lock events under lockdep recursion ...

[0x3] Re: [PATCH 1/3] lockdep: Move lock events under lockdep recursion ...

[0x4] Re: USBFS Memory allocation Bug

[0x5] Re: [PATCH 1/3] lockdep: Move lock events under lockdep recursion ...

[0x6] [PATCH 2/2] fs/partition/msdos: Fix unusable extended partition fo ...

[0x7] Re: USBFS Memory allocation Bug

[0x8] [PATCH 1/2] fs/partitions/msdos: add support for large disks

[0x9] Re: [PATCH] backlight: mbp_nvidia_bl - add five more MacBook variants

[0xA] Re: [PATCH] backlight: mbp_nvidia_bl - add five more MacBook variants

LinuxSecurity.com: FreeBSD Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Review: Mod-Security 2.5 by Magnus Mischel

[0x3] FreeBSD: Kernel memory disclosure in procfs and linprocfs

[0x4] FreeBSD: fetch Overflow error

[0x5] FreeBSD: syscons Boundary checking errors in syscons

[0x6] FreeBSD: cvs number of vulnerabilities

[0x7] FreeBSD: kernel Improper memory access vulnerability

[0x8] FreeBSD: kernel Excessive privilege vulnerability

[0x9] FreeBSD: core:sys Buffer cache invalidation vulnerability

[0xA] FreeBSD: cvs Heap overflow vulnerability

rAWjAW's Blog

Coding, Exploiting, Reverse Engineering

[0x1] Updates

[0x2] Second XSS and Milw0rm Submission

[0x3] Passed My C|EH

[0x4] Security Rant

[0x5] Contacted Back!

[0x6] First XSS Vulnerability Discovery!

[0x7] Jasager and Airbase-ng Defenses

[0x8] Passed the GPEN!

[0x9] MS08-067 in Metasploit

[0xA] GIAC Penetration Tester (GPEN)

Networking & Infrastructure White Papers

Hardware, Linux, Networking, Security, Storage, UNIX, Windows, and Wireless White Papers

[0x1] Insiders' Guide to Evaluating Remote Control Software

[0x2] The Learning Organization Goes Digital

[0x3] 10 Tips - IT Training Support

[0x4] How to Make Your IT Staff Smarter

[0x5] Improving Application Development with Digital Libraries

[0x6] Working Green with Digital Libraries - How it Can Help

[0x7] Minimizing Technology Project Delays with Digital Libraries

[0x8] How VMware Virtualization Right-sizes IT Infrastructure to Reduce Power Consumption

[0x9] Reduce Energy Costs and Go Green with VMware Virtualization

[0xA] VMware Customer Success: Consolidating Data Centers at First American

Anton Chuvakin Blog - "Security Warrior"

This blog covers all sorts of issues of interest to me, including information security, network security, data security - and all other fun things security.

[0x1] Simple Log Review Checklist Released!

[0x2] Security Warrior Blog EXCLUSIVE: 10 Question Interview with Bob Russo and Troy Leach of PCI Council

[0x3] Monthly Blog Round-Up – February 2010

[0x4] Links for 2010-03-01 [del.icio.us]

[0x5] The Myth of SIEM as “An Analyst-in-the-box” or How NOT to Pick a SIEM-II?

[0x6] Short Observation on Open Source SIEM

[0x7] RSA 2010: Where to Find Anton?

[0x8] Nobody Is That Dumb ... Oh, Wait XII

[0x9] Book Review “Cloud Security and Privacy”

[0xA] Workshop on the Analysis of System Logs (WASL) 2010 CFP Out!

Cisco Security Notices

Cisco Security Notices (the 40 most recent notices )

[0x1] Cisco IPSec VPN Implementation Group Name Enumeration Vulnerability

[0x2] Crafted DNS Packet Can Cause Denial Of Service

[0x3] Cisco IPsec VPN Implementation Group Password Usage Vulnerability

[0x4] Response to BugTraq - Cisco Clean Access Agent (Perfigo) Bypass

[0x5] CSS SSL Authentication Bypass

[0x6] ZOTOB and WORM_RBOT.CBQ Mitigation Recommendations

[0x7] Response to Full-Disclosure - Potential Denial of Service Bug in Cisco Pix Firewall IOS 6.2.2 and 6.3.(3.102)

[0x8] Cisco 802.1x Voice-Enabled Interfaces Allow Anonymous Voice VLAN Access

[0x9] Vulnerability in a Variant of the TCP Timestamps Option

[0xA] W32.BLASTER Worm Mitigation Recommendations

evilrouters.net

im in ur datacentrz configurin' ur routerz

[0x1] BGP Route Reflectors

[0x2] BGP Conditional Advertisements

[0x3] Configuring SNMPv3 on Catalyst switches

[0x4] Pingdom Monthly Report

[0x5] Cisco CCNP TSHOOT exam topology

[0x6] Here’s something you don’t see everyday

[0x7] Use scapy to send JunOS killin’ packet

[0x8] JunOS PSN-2010-01-623 Exploit

[0x9] The right way to host your website

[0xA] My Thoughts on Christmas

Infosecurity.US

Information Security And Occasional Forays Into Other Realms

[0x1] Steve Benson: Air Traffic Control

[0x2] Snow: Trust The Cloud, Do Not

[0x3] XKCD: Single Ladies

[0x4] Turing Award Winner: Creator of Modern Personal Computer – Charles P. Thacker

[0x5] XKCD: Seismograph

[0x6] Blatant Stupidity: The Charney Tax

[0x7] Chip Bok: Death Panel

[0x8] The Four Billion Dollar Hacker

[0x9] XKCD: The Collatz Conjecture

[0xA] New OpenSSL Vulnerability Negates Public Key Cryptographic Underpinnings

Vulnerability Analysis Blog

[0x1] Top-10 Top Level and Second Level Domains found in Malicious Software

[0x2] Plain Text Email in Outlook Express

[0x3] Managing IPv6 - Part 2

[0x4] Managing IPv6 - Part 1

[0x5] Internet Explorer Kill-Bits

[0x6] Mitigating Slowloris

[0x7] Vulnerabilities and Attack Surface

[0x8] Release of Dranzer ActiveX Fuzzing Tool

[0x9] Bypassing firewalls with IPv6 tunnels

[0xA] Conficker.C: How many are there?

BigBlog.com: Computer Security

The latest in Computer Security

[0x1] Ubisoft Revive DRM Servers After DDoS Attack

[0x2] Twitter to begin screening some links for phishing

[0x3] Removing this virus?

[0x4] Twitter takes action on spammers and scammers

[0x5] McAfee warns against fake antivirus software

[0x6] Hold the phone, it's a virus!

[0x7] ICS wins IT security contract from State of Mississippi

[0x8] Twitter to begin screening some links for phishing

[0x9] Cyber attacks worry firms more than terrorism

[0xA] Government Bombarded With Cyber Attacks

CSOONLINE.com - Loss Prevention

[0x1] Social Engineering: The Basics

[0x2] Supply Chain Security Threats: 5 Game-Changing Forces

[0x3] DHS: Counterfeit Goods Still Rampant in U.S.

[0x4] Checklist: 11 Security Tips for Black Friday, Cyber Monday

[0x5] 4 Cheap Options to Monitor Networks for Evidence

[0x6] Report: Retail Shrink, Theft Up in 2009

[0x7] Counterfeit Money: Still Going Strong

[0x8] Organized Crime and Retail Theft: Facts and Myths

[0x9] Special Report: Security Versus the Mob

[0xA] Study: Air Cargo Security Seriously Lacking

Security Systems News Top Stories

Top stories from the security industry.

[0x1] Vicom gets into the long-distance biz

[0x2] Texana acquires Security Depot

[0x3] Questions and answers on UTC's GE Security buy

[0x4] Aimetis raises $5 million

[0x5] Habitec grows in Michigan with Citizen buy

[0x6] L1 for sale?

[0x7] Fire merger in Massachusetts

[0x8] City rolls false medical alert penalties into false alarm ordinance

[0x9] Pivot3 closes $25m in new funding

[0xA] CIBER a growing force in government market

Twitter / sans_isc

Twitter updates from SANS ISC / sans_isc.

[0x1] sans_isc: [Diary] Microsoft Security Advisory 981374 - Remote Code Execution Vulnerability for IE6 and IE7, (Wed, Mar 10th):... http://bit.ly/bb0Yat

[0x2] sans_isc: [Diary] What's My Firewall Telling Me? (Part 4), (Wed, Mar 10th): Theres been a lot of discussion about the recent... http://bit.ly/d1Kjac

[0x3] sans_isc: [Diary] March 2010 - Microsoft Patch Tuesday Diary, (Tue, Mar 9th): Overview of theMarch 2010 MicrosoftPatchesand ... http://bit.ly/aWFHAf

[0x4] sans_isc: [Diary] Vodafone Android Phone: Complete with Mariposa Malware, (Tue, Mar 9th): Panda Security has a post up on on... http://bit.ly/brdDqX

[0x5] sans_isc: [Diary] Energizer Malware, (Tue, Mar 9th): We received several emails today about the US-CERTanalysis of Trojan ho... http://bit.ly/brWrsZ

[0x6] sans_isc: Nice collection of security tools by fellow handler Pedro at http://www.mysectools.com (via @bojanz)

[0x7] sans_isc: Backdoor found in software for Energizer Duo USB battery charger. Energizer doesn't know how or why: http://bit.ly/coLsrw (via @lennyzeltser

[0x8] sans_isc: [Diary] SEO poisoning on TV show, (Mon, Mar 8th): An ISCreader, thanks Paul, notified us about a new SEO(Search En... http://bit.ly/cp4LpV

[0x9] sans_isc: [Diary] Samurai WTF 0.8, (Mon, Mar 8th): A new version of the Samurai WTF (Web Testing Framework) distribution, ve... http://bit.ly/cu82cp

[0xA] sans_isc: [Diary] Microsoft announced two important bulletins (fixing multiple vulns. affecting Windows and Office) for tomo... http://bit.ly/cQ1WxD

CSOONLINE.com - Identity Management

[0x1] What Are the Most Overrated Security Technologies?

[0x2] Why REST Security Doesn't Exist (and what to do about it)

[0x3] Groundhog Day: The Gartner IAM 2009 Event in Review

[0x4] How 9-11 Shaped Hoover Dam Security Operations

[0x5] Hoover Dam Security in Pictures

[0x6] 6 Ways We Gave Up Our Privacy

[0x7] Social Networking a Tool for More Secure Identity Management? No Joke!

[0x8] News Flash: Data Debauchery That Happens in Vegas Doesn't Stay There

[0x9] Potential Gov't Cookie Policy Change Prompts Concerns

[0xA] Software Not Smart Enough to Sort Human Relationships

extraexploit

everything or nothing

[0x1] Firefox 3.6.x - 0 day for document.write - yet another

[0x2] The Command Structure of the Aurora Botnet - Damballa paper

[0x3] Firefox 3.6 "0day" - trying to find more info (and more "0day")

[0x4] using Robtex for fun and… (profit?)

[0x5] CVE-2010-0249 in the wild – part 0.3

[0x6] CVE-2010-0249 in the wild – part 0.2

[0x7] extraexploit blog it’s been copied

[0x8] CVE-2010-0249 in the wild – part 0.1

[0x9] CVE-2010-0249 in the wild - xx222.8866.org and others – part 0

[0xA] IExplorer 0day CVE-2010-0249 – Exploit-Comele / Hydraq / Aurora

M86 Security Labs News

News and commentary about Internet-borne security threats from the Security Labs team at M86 Security.

[0x1] Rustock rages on

[0x2] Twitter "Phish and Spam" Campaign

[0x3] SpamIt.com leaves its footprints

[0x4] Lethic is Back in the Game

[0x5] Mega-D still spamming

[0x6] The Bad Guys Hate Security Folks

[0x7] Inside a Pushdo/Zeus Campaign

[0x8] Spam Using Social Networking Sites

[0x9] Malicious Fake ABA Websites

[0xA] Possible Earthquake in Haiti Scams

InfoSecPodcast.com » Security Tools

Information Security related news, opinions and ramblings

[0x1] MIT Lincoln Lab Network Security Software

[0x2] Record IM video on the network?

[0x3] RFP for PenTesting

[0x4] Declassified window film stops wireless / cell signals

[0x5] List of Malware Analysis tool from SANS

[0x6] Malware Analyzing Sandbox

[0x7] Free Windows Honeypot from NetVigilance

[0x8] Ajax based port scanner

[0x9] Web based VMX file creator

[0xA] Bootable Linux security distros

AIRC Blog

AIRC Blog

[0x1] Hackers use a Facebook hoax to plant Rouge Antimalware

[0x2] Johnny Depp fake death notice - fake ActiveX codec

[0x3] Top 10 Chinese cyber attacks

[0x4] Out-of-band patch for the Aurora exploit will be released today by Microsoft

[0x5] Google vs. China - Round 1

[0x6] Hacking TLS

[0x7] Malware spreading via 'Facebook Password Reset Confirmation' email

[0x8] Microsoft Security Bulletin Summary for October 2009

[0x9] Microsoft Security Bulletin Summary for September 2009

[0xA] Hackers use Twitter to control botnets

Security Bytes

[0x1] Static source code analysis turned on its head

[0x2] RSA panel weighs PCI implications of cloud computing

[0x3] Shamir acknowledges chip-and-PIN attack as his favorite

[0x4] Secure cloud concept built on new Intel processor

[0x5] This you??? Twitter phishing campaign spreads rapidly

[0x6] FTC probes P2P corporate data leaks

[0x7] Microsoft patching issue tied to Alureon rootkit

[0x8] How to turn off Google Buzz and avoid privacy issues

[0x9] Spyware code targets BlackBerry users

[0xA] Torrent phishing scheme trips up Twitter users

Security Tools News & Tips

Just another WordPress weblog

[0x1] Microsoft Security Essentials

[0x2] NSMXpress

[0x3] Korea to train 3,000 ‘cyber sheriffs’

[0x4] FortiClient standard edition

[0x5] 10 Solid Tips to Safeguard Your Facebook Privacy

[0x6] K9 Web Protection

[0x7] Check Point Power-1 Appliances

[0x8] Wordpress blogs hacked – Upgrade your Wordpress NOW!

[0x9] Cisco ASA 5500 Series Firewall

[0xA] (IN)SECURE Magazine Issue 22 is out

OSF Data Loss - The Blotter

This feed contains the latest blotter articles posted to datalossdb.org.

[0x1] Companies must now secure all customer personal information

[0x2] Personal Finance: ID theft rises, but consumers are wising up

[0x3] UT Southwestern alerts patients of possible identity theft

[0x4] FBI Director Promises Privacy, Information About Attacks To Breach Victim Organizations

[0x5] Prosecutors: ID theft case takes deadly turn

[0x6] 27 more indicted in fraud, identity theft ring

[0x7] Why Pay For Health Insurance When You Can Steal It?

[0x8] Man charged in alleged identity fraud at airport

[0x9] Identity theft laws go too far: committee

[0xA] Medical Identity Theft On The Rise

Cisco Learning Home : All Content - Security

All Content in Security

[0x1] ASA vs PIX

[0x2] Cisco WCCP Security

[0x3] ASA - Inspect ICMP with PMTUD

[0x4] ASA Guidelines - VLANS

[0x5] IPv6 security concerns

[0x6] VPN Client

[0x7] Some Questions on ISCW

[0x8] Security Specialist Certifications

[0x9] Cisco ASA 5550 Best Guide/Book

[0xA] is it possible to create VPN connection using one subnet?

Layer 7 Technologies

Layer 7 Technologies markets a family of XML appliances and software to secure, simplify and scale Web services.

[0x1] New Article - Layer 7 Expands into Dutch Market with ION-IP Partnership - ChannelWeb

[0x2] New Press Release - Working Opportunity Fund makes follow on investment in Layer 7 Technologies (February 2, 2009)

[0x3] New Award - 2009 Ready to Rocket List - Rocketbuilders

[0x4] Watch VP Marketing & Alliances, Dimitri Sirota, interviewed by Sys-Con.TV at JavaOne Conference in June, 2008.

[0x5] New Press Release - SOA Consortium Releases New Podcast from K. Scott Morrison, Layer 7 Technologies, on How to Fail at SOA (August 18, 2008)

[0x6] New Press Release - Layer 7 Joins SOA Consortium as Silver Sponsor (June 30, 2008)

[0x7] New Article - Layer 7 Nominated for SYS-CON's "SOA World Magazine Readers' Choice Awards": The SecureSpan XML Networking Gateway Nominated for "Best Security Solution" - SOA World

[0x8] New Press Release - Layer 7 Technologies Enhances Field Collaboration for SOA Through HP ISV Marketplace Referral Program (June 18, 2008)

[0x9] New Article - Layer 7 to Provide Security and Operational Governance for Sun Java CAPS - eBizQ

[0xA] New Press Release - Layer 7 Technologies to Provide Security and Operational Governance for Sun Java CAPS (June 9, 2008)

ZDI: Published Advisories

Published Advisories

[0x1] ZDI-10-026: Hewlett-Packard OVPI helpmanager Servlet Remote Code Execution Vulnerability

[0x2] ZDI-10-025: Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability

[0x3] ZDI-10-024: Novell eDirectory SOAP Request Parsing Denial of Service Vulnerability

[0x4] ZDI-10-023: Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability

[0x5] ZDI-10-022: IBM Informix librpc.dll Multiple Remote Code Execution Vulnerabilities

[0x6] ZDI-10-021: Novell NetStorage xsrvd Long Pathname Remote Code Execution Vulnerability

[0x7] ZDI-10-020: EMC HomeBase SSL Service Arbitrary File Upload Remote Code Execution Vulnerability

[0x8] ZDI-10-019: Mozilla Firefox showModalDialog Cross-Domain Scripting Vulnerability

[0x9] ZDI-10-018: IBM Cognos Server Backdoor Account Remote Code Execution Vulnerability

[0xA] ZDI-10-017: Microsoft Office PowerPoint Viewer TextBytesAtom Record Remote Code Execution Vulnerability

Wired: Threat Level

Kevin Poulsen and Ryan Singel's daily briefing on security, freedom and privacy in the wired and unwired world.

[0x1] Supreme Court Takes ‘Informational Privacy’ Case

[0x2] Lifelock Dinged $12 Million for Deceptive Business Practices

[0x3] Pink Floyd, EMI Brawl Over iTunes Royalties

[0x4] Feds Move to Break Voting-Machine Monopoly

[0x5] Funeral Flap: Justices Weigh Religion, Speech Rights

[0x6] 11 More U.S. Airports Get Body Scanners

[0x7] White House Cyber Czar: ‘There Is No Cyberwar’

[0x8] Security Pros Question Deployment of Smart Meters

[0x9] DMCA Muscle Kills DVD Copying, for Real

[0xA] ‘Google’ Hackers Had Ability to Alter Source Code

www.rootkit.com

: www.rootkit.com News :

[0x1] Kernel Sockets Module based on TDI and WSK

[0x2] Nostalgia: n00bk1t, an advanced ring3 rootkit in C

[0x3] TDL3 - Why so serious? Let's put a smile on that face ..

[0x4] Access token stealing on Windows

[0x5] lbs8901's blog: My RootKit Developer...

[0x6] lbs8901's blog: BsRootKit

[0x7] hoglund's blog: HBGary is hiring RE's in 916

[0x8] DiabloNova's blog: 032: Rootkit Unhooker LE 3.8.386.589 SR1 + Some Stuff

[0x9] DiabloNova's blog: 031: Rustock 2010

[0xA] DiabloNova's blog: 030: Rootkit Unhooker LE 3.8.386.588 SR1

Foro de elhacker.net - Noticias

Información en vivo desde Foro de elhacker.net

[0x1] Vulnerabilidad en kit de desarrollo Autonomy KeyView afecta a diversos ....

[0x2] Una niña de tres años muere al confundir una pistola con un mando de la consola

[0x3] Hackers aprovechan ceremonia de los Oscar

[0x4] Llega Google Apps Marketplace, la tienda de aplicaciones en la nube de Google

[0x5] Microsoft pide a Telefónica que aclare a quién quiere cobrar

[0x6] Entra en vigor la ley que prohíbe los videojuegos violentos en Venezuela

[0x7] Dados de baja 244.000 móviles por no identificarse

[0x8] Más de 1.000 sitios web se declaran culpables de tener enlaces P2P

[0x9] El código de MeeGo será liberado

[0xA] Movistar trabaja para desarrollar un móvil que permita hablar sin cobertura

Latest Secunia Blog Entries

Secunia collects, evaluates, verifies, and analyses vulnerability information.

[0x1] An Interesting Microsoft Tuesday

[0x2] Technology Review Article: Patching the Security Update Process

[0x3] Confusion about Opera vulnerability

[0x4] InfoWorld Article: Typical Windows user patches every 5 days

[0x5] Softpedia Article: Secunia Readies Free Automatic Patching Solution

[0x6] Webuser Article: Home PCs need patching every 4.8 days

[0x7] Dark Reading Article: Secunia To Offer Free Application Updater Service To Consumers

[0x8] V3.co.uk Article: Secunia offers free patch management to all

[0x9] Patching redefined – Free & Automatic Updating for every single PC user

[0xA] OS Dependant PowerPoint Viewer Vulnerabilities

Rational Survivability

PLEASE NOTE: I HAVE PERMANENTLY MOVED MY BLOG TO http://www.rationalsurvivability.com/blog <-- All these posts/comments have been moved there and all new posts since May 2009 appear there.

[0x1] IMPORTANT REMINDER: My Blog and RSS Feed Have Moved To http://www.rationalsurvivability.com/blog

[0x2] IMPORTANT REMINDER: My Blog and RSS Feed Have Moved

[0x3] IMPORTANT: Moving My Blog & RSS Feed

[0x4] BeanSec! Wednesday, March 18, 2009 - 6PM to ?

[0x5] How To Be PCI Compliant in the Cloud...

[0x6] On the Overcast Podcast with Geva Perry and James Urquhart

[0x7] More On Clouds & Botnets: MeatClouds, CloudFlux, LeapFrog, EDoS and More!

[0x8] Source Boston - Video Interviews of Security Rockstars...

[0x9] Oh Noes: We Can't Monitor/Protect Against Intra-VM Traffic!

[0xA] Sun vs. Cisco? I'm Getting My Popcorn...

Latest MITRE News

The MITRE Corporation is a not–for–profit organization chartered to work in the public interest. As a national resource, we apply our expertise in systems engineering, information technology, operational concepts, and enterprise modernization to address our sponsors' critical needs.

[0x1] Top 25 Most Dangerous Programming Errors List Released

[0x2] Two MITRE Employees Receive Black Engineer of the Year Awards

[0x3] MITRE's William Albright Honored for Diversity Leadership

[0x4] Fast Company Names MITRE One of the "World's 50 Most Innovative Companies"

[0x5] MITRE's Mark Maybury Named IEEE Fellow

[0x6] MITRE Named One of FORTUNE's "100 Best Companies to Work For" Nine Years in a Row

[0x7] MITRE President and CEO Alfred Grasso Appointed to Defense Science Board

[0x8] MITRE Makes Nielsen Norman Group's 10 Best Intranets List

[0x9] MITRE Opens Fort Meade Site

[0xA] MITRE Engineers Honored for Achievements in Airborne Traffic Avoidance

Network Security Podcast

The Network Security Podcast

[0x1] The Network Security Podcast, Episode 188

[0x2] RSAC2010: Sourcefire

[0x3] RSAC2010: ISC2

[0x4] RSAC2010: Kaspersky Lab

[0x5] RSAC2010: Astaro Internet Security

[0x6] RSAC2010: F-Secure

[0x7] RSAC2010: Panda Security

[0x8] Network Security Podcast, Episode 187

[0x9] RSAC2010: ICSA Labs

[0xA] RSAC2010: Mark Bower, Voltage Security

blog ntic de revolunet

Blog des Nouvelles Technologies de l'Information et de la Communication

[0x1] Symbian : l’open source comme ultime recours ?

[0x2] Appels illimités vers le Maroc

[0x3] Astuces Django

[0x4] Bien démarrer avec django

[0x5] Premiers pas Git : team workflow

[0x6] Test du Sanyo Xacti CA9

[0x7] Outrage

[0x8] Test QNAP TS409 Pro

[0x9] rsync alternative for low cpus

[0xA] NeufBox = catastrophe

Security News items, Blog posts | ZDNet

News items, Blog posts relating to Security

[0x1] Microsoft plugs dangerous Excel security holes

[0x2] Drudge Report accused of serving malware

[0x3] New Microsoft IE zero-day flaw under attack

[0x4] Vodafone HTC Magic shipped with Conficker, Mariposa malware

[0x5] China Offers To "Severely Punish" Google Attackers

[0x6] 'Highly critical' flaw found in Opera browser

[0x7] Apache bug prompts update advice

[0x8] China: Google has never officially complained about attack

[0x9] Apple, Facebook, Twitter, HP decline to testify re: Human Rights and Law

[0xA] iPad: Perfectly flawed

XSSed syndication

You are welcome to syndicate and share xssed.com contents

[0x1] www.bobparsons.me XSS

[0x2] store.dakar.com XSS

[0x3] www.reuters.com XSS

[0x4] apps.dhl.co.uk XSS

[0x5] www.sprint.net XSS

[0x6] www.att.com XSS

[0x7] www.eso.shell.com XSS

[0x8] agriculture.gouv.fr XSS

[0x9] www.economie.gouv.fr XSS

[0xA] www.egov.santos.sp.gov.br XSS

Packet Storm Security Miscellaneous Files

Packet Storm Last 10 Miscellaneous Files

[0x1] exploit-writing-tutorial-part-9-win32-shellcoding.pdf

[0x2] exploit-writing-tutorial-part-8-win32-egg-hunt.pdf

[0x3] codegate2010.txt

[0x4] jitednotepad-shellcode.txt

[0x5] jitedstage0-shellcode.txt

[0x6] Writing-JIT-Spray-Shellcode.pdf

[0x7] execve-md.c

[0x8] joomla-rfis.txt

[0x9] GoogleGears_for_Attackers.pdf

[0xA] F_IE_PrisonBreak.pdf

Kismet/Wireless

Kismet and Wireless Stuff ... Extended development logs, up and coming features, and general wireless link-whorery.

[0x1] SVN commit 3015

[0x2] SVN commit 3014

[0x3] SVN commit 3013

[0x4] SVN commit 3012

[0x5] Blackhat & Shmoo

[0x6] SVN commit 3011

[0x7] Quahogcon this spring

[0x8] SVN commit 3010

[0x9] SVN commit 3009

[0xA] SVN commit 3008

Techworld.com Security

Latest IT articles from Techworld's Security channel

[0x1] Twitter to screen links for phishing scams

[0x2] Microsoft warns of zero-day IE hole

[0x3] Microsoft patches Excel security hole

[0x4] How to ensure your network security

[0x5] Reader exploit prompts Adobe update alert

[0x6] IBM to release secure software development tools

[0x7] FDIC: Hackers stole $120m in three months of online bank fraud

[0x8] Bogus intranets scam university students

[0x9] Kaspersky invents security suite for 'expert' user

[0xA] Energizer Bunny infects PCs with backdoor malware

SecuraBit

This is a Computer Security podcast brought to you by the guys at SecuraBit.com. Please visit our web site at http://www.securabit.com or send questions/comments to feedback@securabit.com Thanks for listening!

[0x1] Show Notice: KrebsOnSecuraBit – Inverviewing @briankrebs 10 Mar

[0x2] SecuraBit EP51 – Malware Detection With Sunbelt Software

[0x3] Open Source Android Forensics

[0x4] SANS vLive!: Automating Compliance & Windows Domain Audits with David Hoelzer

[0x5] Vulnerability Roundup

[0x6] Practical Exploitation

[0x7] Vulnerability Roundup

[0x8] Shmoocon 2010 Podcasters Meetup – NSFW!!!!!!

[0x9] SecuraBit Episode 50: Interview with Rob Lee!

[0xA] SecuraBit live tonight with Rob Lee!

Moreover Technologies - Computer security news - 30 of 7979 returned

Moreover Technologies - Real-time news and blogs from thousands of sources

[0x1] Trading Stocks Made Easy - Sponsored Link

[0x2] GE Capital Launches Finance Program for McAfee Value Added Resellers

[0x3] GE Capital Launches Finance Program for McAfee Value Added Resellers

[0x4] iPhone - iPod Security ... Finally! Mobile Active Defense Protects Smartphone Email From Phishing, Malware, Viruses and Spam

[0x5] MonoPrice Hacked, CC Info Compromised?

[0x6] Max Clifford 'accepts £1 mln to drop phone-hacking case' (AFP)

[0x7] Kanguru Solutions' Remotely Manageable, Hardware Encrypted USB Flash Drive with Anti-virus Achieves FIPS 140-2 Certification

[0x8] Kanguru Solutions' Remotely Manageable, Hardware Encrypted USB Flash Drive with Anti-virus Achieves FIPS 140-2 Certification

[0x9] Kanguru Solutions' Remotely Manageable, Hardware Encrypted USB Flash Drive with Anti-virus Achieves FIPS 140-2 Certification ..

[0xA] GE Capital Launches Finance Program for McAfee Value Added Resellers

Network World on Windows

The latest Windows news, analysis and feature articles from NetworkWorld.com.

[0x1] Excel vulnerabilities revealed on 'slower' Patch Tuesday

[0x2] From sneakers to smartphones: The man behind Microsoft's Windows Phone design

[0x3] Microsoft at last releases famed Red Hat/Linux virtualization drivers

[0x4] SMBs want Windows 7 now

[0x5] A look back at the launch of Active Directory

[0x6] Microsoft: Cloud revenue to hit in a couple years

[0x7] Blogger favors Windows 7, iPhone 3GS

[0x8] Security of virtualization, cloud computing divides IT and security pros

[0x9] Best of the Tests

[0xA] Shoutouts to Dell Equallogic, Apple Xserve, HP 580 servers

Danger Room

What's Next in National Security

[0x1] Mach 6 Cruise Missile, Ready for Prime Time?

[0x2] ‘500 AK-47s, Please’: Art Imitates Blackwater (Updated)

[0x3] Tanker Manufacturers to Air Force: Later, Haters

[0x4] Pentagon-Backed Venture Aims for ‘Google Underground’

[0x5] The Real-Life Baghdad Bomb Squad, Revisited

[0x6] Army ‘Mad Scientists’ Study Swarming Mines, Facebook Attacks

[0x7] DARPA Pushes for Fail-Proof Prosthetics

[0x8] Despite New Policy, Pentagon Still Wary of the ‘Tubes

[0x9] Hurry Up and Wait for the Gajillion-Dollar Stealth Plane

[0xA] Mullen: Give ‘Soft Power’ a Chance

Free and Useful Online Resources for Designers and Developers

Free and useful online resources for designer and developers

[0x1] Now Edit And Share From Anywhere With Photoshop For iPhone

[0x2] How to Get Free Content and Media Hosting at Screencast.com

[0x3] 5 Websites & Tools Bloggers Should Know About

[0x4] DotNetNuke Makes It Easier For You To Build Feature-Rich, Interactive Web Sites And Applications

[0x5] The Ultimate (Fresh) Collection Of High-Quality Free Social Media Icon Sets

[0x6] Stunning Pieces Of Digital Art That Would Make You Say ‘Wow’

[0x7] 5 Great Extensions To Manage Various Tasks On Google Chrome

[0x8] How to Make a Killer Viral Photo Gallery

[0x9] The Colorful Showcase Of Beautiful Floral Typography

[0xA] Now Embed Free Online Photo Editor In Your Website With Picmeleo

Episteme: Belief. Knowledge. Wisdom

[0x1] Return-to-Barry-White Human Exploitation

[0x2] NLP for Social Engineers

[0x3] Hacker Halted Redux

[0x4] Recap: The Hope Symposium

[0x5] Social Engineering Abounds

[0x6] Greed as a prime motivator

[0x7] Constraints and The Bandwidth Problem

[0x8] Social Networking and Security

[0x9] Obama and Hypnosis

[0xA] NLP is not Science

Oracle Security Alerts

Security Alerts Issued by Oracle

[0x1] Oracle Security Alert for CVE-2010-0073 - February 2010

[0x2] Critical Patch Update - January 2010

[0x3] Critical Patch Update - October 2009

[0x4] Critical Patch Update - July 2009

[0x5] Critical Patch Update - April 2009

[0x6] Critical Patch Update - January 2009

[0x7] Critical Patch Update - October 2008

[0x8] Critical Patch Update - July 2008

[0x9] Critical Patch Update - April 2008

[0xA] Critical Patch Update - January 2008

EarthWeb IT Management News & Views

EarthWeb IT Management News & Views offers busy IT managers up-to-date reports and insightful analysis of IT industry trends.

[0x1] Three Steps to High Availability Virtual Machines

[0x2] Microsoft Researcher Wins Computing's 'Nobel'

[0x3] Cast Iron Launches Cloud Integration Solution

[0x4] MonoPrice.com Investigates Possible Breach

[0x5] U.S. Universities Targeted

[0x6] Couple Charged with Data Theft

[0x7] LifeLock Settles with FTC

[0x8] Apache HTTP Server Patched

[0x9] England Soccer Team Bugged

[0xA] Malware Found on Magic

Welcome to the Frontpage

ThreatChaos. News, views and analysis. A security blog providing original research from the IT-Harvest team.

[0x1] Best of Show RSA Conference 2010

[0x2] Weapon of cyber war demonstrated

[0x3] Be afraid. Fatal System Error is a scary book.

[0x4] Five cyber defense vendors to watch in 2010

[0x5] Myth busting Monday

[0x6] Some important views on the China-Google affair

[0x7] Putting Chinese cyber espionage in perspective

[0x8] Google engages in cyber vigilantism

[0x9] 2010 to be a year of change for the security industry

[0xA] Targeted attacks work against Google.

security_watchdog

All the IT security issues that affect you and your business. Direct reports from all the security conferences throughout the year, including RSA conference and Infosec.

[0x1] Google: complete privacy 'does not exist'

[0x2] Kiwi hacker to work for police

[0x3] Data leaks worst security threat

[0x4] UK businesses still don’t ‘get’ security

[0x5] Storm worm fabricates news

[0x6] Road warriors leaking secrets

[0x7] Cyber-crooks sting South Africa for £13m

[0x8] Public wants data breach legislation

[0x9] Hong Kong becomes most dangerous domain

[0xA] Scammers targeting LinkedIn

PandaLabs Blog

everything you need to know about Internet threats

[0x1] Mariposa Stats

[0x2] Vodafone distributes Mariposa-like bot

[0x3] The Thousand-Faced Rogue

[0x4] Mariposa botnet

[0x5] Rogueware competing with Panda

[0x6] Deceiving Flash Player Update

[0x7] Teaching Some Security. Asking for help!

[0x8] The biggest case of user failure in history?

[0x9] Rogueware competing with Microsoft

[0xA] Amazon and Greeting cards to distribute malware

Twitter / mdowd

Twitter updates from mdowd / mdowd.

[0x1] mdowd: @drraid cheers! passed over again i suppose..

[0x2] mdowd: @VS_ Yeah; I'll just stand close to the girls in the line in front of me and pretend I know them

[0x3] mdowd: Now I'm going to be standing in line at customs going "Fuck, they're not going to let me in with these shoes"

[0x4] mdowd: There's now a cover charge to get in to the US: http://tinyurl.com/ybxjjxh . Still cheaper than most clubs I suppose..

[0x5] mdowd: @ncb I'm not saying it won't work. People buy all sorts of rubbish tech devices. One recently released one springs to mind.

[0x6] mdowd: @ncb That would be completely annoying

[0x7] mdowd: @geekgrrl They went on to make this other show called "Frontline", which is an extremely cynical take on current affairs programs. It rules

[0x8] mdowd: @geekgrrl Oh, it's from an Australian tv show from the early 90s called The Late Show

[0x9] mdowd: @geekgrrl You are American right? How do you know about the late show?

[0xA] mdowd: @geekgrrl Wow, that's oldschool! I actually have that sketch from The Late Show on tape or dvd :)

LinuxSecurity.com: Slackware Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Review: Mod-Security 2.5 by Magnus Mischel

[0x3] Slackware: 2010-067-01: httpd: Security Update

[0x4] Slackware: 2010-060-01: seamonkey: Security Update

[0x5] Slackware: gzip

[0x6] Slackware: openssl

[0x7] Slackware: php

[0x8] Slackware: httpd

[0x9] Slackware: pidgin

[0xA] Slackware: mozilla-firefox

What's New

What's New at FIRST website

[0x1] The 2010 Program is now available online!

[0x2] FIRST welcomes three new teams

[0x3] ICANN and FIRST are hosting a Joint Cybersecurity Workshop

[0x4] FIRST Welcomes Neustar to the Sponsorship Team!

[0x5] 2010 dates for the Corporate Executive Program!

[0x6] FIRST is accepting theme suggestions for the 23rd Annual FIRST Conference in Vienna in 2011

[0x7] New Exhibitors for Miami 2010

[0x8] FIRST welcomes four new teams in January

[0x9] FIRST has established relationships with both ISO and ITU-T

[0xA] Please join us in welcoming new teams and thanking their sponsors

EFA

Electronic Frontiers Australia

[0x1] It’s time for action: 10 things you can do to stop the filter

[0x2] Government receives 55,000+ submissions on R18+ games

[0x3] Government: Don’t feed the trolls

[0x4] EFA and AusGamers submission on R18+ games

[0x5] Crackdown on Internet racism ill-thought out

[0x6] Internet users support education over mandatory Internet filtering

[0x7] ACTA internet chapter leaked

[0x8] EFA welcomes widespread opposition to the Government’s mandatory Internet filtering plan

[0x9] Australians deserve an Open Internet

[0xA] Mandatory Filtering: Minimum legitimacy requirements

Jeremiah Grossman

A page to show up #1 on Google when searching for "Jeremiah" (Currently #5).
The prophet, TV show, and that pesky Owyang guy going down!

A page to show up #1 on Google when searching for "Jeremiah Grossman", and it FINALLY has!

[0x1] Best of Application Security (Friday, Mar. 5)

[0x2] Best of Application Security (Friday, Feb. 26)

[0x3] Compliance and Habit holding back Application Security

[0x4] Best of Application Security (Friday, Feb. 19)

[0x5] Hey Massachusetts, where is your application security requirement?

[0x6] Infrastructure vs. Application Security Spending

[0x7] Best of Application Security (Friday, Feb. 12)

[0x8] Where's WhiteHat? Re: Scanner Comparisons

[0x9] Best of Application Security (Friday, Feb. 5)

[0xA] Web 2.0 Pivot Attacks

C skills

A blog dedicated to software and network trickery.

[0x1] New injectso -- Debian proof

[0x2] Runtime hot-patching processes w/o ptrace

[0x3] Thoughts on companion worms

[0x4] Always check return value!

[0x5] Adventures in Heap Cloning

[0x6] xorl blog seems to be up again

[0x7] injectso 32bit x86 port

[0x8] New injectso available

[0x9] unixdump UNIX-socket sniffer available

[0xA] When const really means const

AirSafe.com Web Site

Site dedicated to providing the public with information on aviation safety and security.

[0x1] AirSafe.com News

[0x2] Podcast on Intial Details of Air France A330 Crash near Brazil

[0x3] Air France Flight 447 Accident Information

[0x4] Crash of Turkish Airlines 737 in Amsterdam

[0x5] Continental Connection Crash in Buffalo 12 February 2009

[0x6] A320 Crashes in the Hudson River

[0x7] Year in Review 2008

[0x8] Risks from Incapacitated Pilots and Pilots Who May Deliberately Crash Airplanes

[0x9] Interview on 'The Gregg Knapp Experience' - 18 November 2008

[0xA] Complacency and the Qantas A330 Accident of 7 October 2008

Information Security Thoughts - Allen Baranov

A blog dedicated to thoughts about Information Security.

[0x1] I stand by Gears!

[0x2] The most important piece of software this decade

[0x3] SANS Confirms

[0x4] If you only read one article on Information Security...

[0x5] [OT] Men are chickens**t.

[0x6] [OT] Open Question to Nokia

[0x7] The most important security advice for home users!

[0x8] Quick Tought - The Pelzman Effect

[0x9] ITWeb Security Summit - Day 1 Keynote Reflections

[0xA] ITWeb Security Summit - Reflections (Part 1)

War on Error

One day they'll laugh at what we think is secure. Thankfully, we won't be there to hear them...

[0x1] Where were the cops when Microsoft busted Waledac?

[0x2] Microsoft plays big bad wolf. And then blows down its own house

[0x3] Doubt cast on Windows tests. But where was Microsoft?

[0x4] Floyd Landis - champion cyclist, alleged Trojan hacker

[0x5] Windows 7, unfairly condemned

[0x6] Microsoft's chronic lack of innovation

[0x7] Can chip and PIN be fixed?

[0x8] Pirates built online music so why not eBooks too?

[0x9] The lesson of the Twitter hack: Passwords are pitiful

[0xA] The lesson of the Twitter hack. Passwords are pitiful.

CSOONLINE.com - Fraud

[0x1] Fraudsters Bank on Business Accounts: How to Protect Your Funds Online

[0x2] How to Spot Fake Job References

[0x3] ATM Skimming: How to Recognize Card Fraud

[0x4] Telltale Signs of ATM Skimming

[0x5] IBM: Vulnerabilities Fell in 2009, but Other Risks Abound

[0x6] ISP Operators Among 19 Arrested in Cyber-Fraud Case

[0x7] FBI Investigating Online School District Theft

[0x8] Heartland Pays Amex $3.6 Million Over 2008 Data Breach

[0x9] Rogue Antivirus Lurks Behind Google Doodle Searches

[0xA] FBI: Rogue Antivirus Scammers have Made $150M

Techworld.com Operating Systems

Latest IT articles from Techworld's Operating Systems channel

[0x1] Microsoft may move up Windows 7 service pack release

[0x2] Google reveals Chrome OS security details

[0x3] Microsoft Office 2010 to launch 12 May

[0x4] Windows needs patching every five days

[0x5] Microsoft plans 8 Windows, Office fixes next week

[0x6] Microsoft plans 8 Windows & Office fixes next week

[0x7] How to make Windows 7 look like a Commodore 64

[0x8] Windows XP downgrade lawsuit thrown out of court

[0x9] Microsoft to Google: Address EU's antitrust concerns

[0xA] Intel hits migration delays with Windows 7

PandaLabs Blog

everything you need to know about Internet threats

[0x1] Mariposa Stats

[0x2] Vodafone distributes Mariposa-like bot

[0x3] The Thousand-Faced Rogue

[0x4] Mariposa botnet

[0x5] Rogueware competing with Panda

[0x6] Deceiving Flash Player Update

[0x7] Teaching Some Security. Asking for help!

[0x8] The biggest case of user failure in history?

[0x9] Rogueware competing with Microsoft

[0xA] Amazon and Greeting cards to distribute malware

The Web Application Security Consortium

The Web Application Security Consortium (WASC) is an international group of experts, industry practitioners, and organizational representatives who produce open source and widely agreed upon best-practice security standards for the World Wide Web.

[0x1] Robert Auger edited Threat Classification References Mapping Proposal

[0x2] Robert Auger edited Using the Threat Classification

[0x3] Robert Auger edited SideBar

[0x4] Robert Auger edited SideBar

[0x5] Robert Auger edited Insufficient Data Protection

[0x6] Romain Gaucher edited Insufficient Data Protection

[0x7] Robert Auger edited Insufficient Data Protection

[0x8] Robert Auger edited Using the Threat Classification

[0x9] Ryan Barnett uploaded

[0xA] Ryan Barnett uploaded

Microsoft Security Bulletins

Microsoft Security Bulletins

[0x1] MS10-017 - Important: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (980150)

[0x2] MS10-016 - Important: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (975561)

[0x3] MS10-015 - Important: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (977165)

[0x4] MS10-014 - Important: Vulnerability in Kerberos Could Allow Denial of Service (977290)

[0x5] MS10-013 - Critical: Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (977935)

[0x6] MS10-012 - Important: Vulnerabilities in SMB Server Could Allow Remote Code Execution (971468)

[0x7] MS10-011 - Important: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (978037)

[0x8] MS10-010 - Important: Vulnerability in Windows Server 2008 Hyper-V Could Allow Denial of Service (977894)

[0x9] MS10-009 - Critical: Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (974145)

[0xA] MS10-008 - Critical: Cumulative Security Update of ActiveX Kill Bits (978262)

Exotic Liability

Exotic Liability

[0x1] Exotic Liability 51: Hungover w/ Ian Amit

[0x2] Exotic Liability 50: Double Stuffed w/ Joe Grand

[0x3] Exotic Liability 49: Misogyny

[0x4] Exotic Liability 48: Benevolent

[0x5] Exotic Liability 47: Fast Forward

[0x6] Exotic Liability 46: Ninja Grillz

[0x7] Exotic Liability 45: The Couch

[0x8] Exotic Liability 44: A New Year of Terrorism

[0x9] Exotic Liability 43: An Exotic Christmas

[0xA] Exotic Liability 42: Tom Brennan

DarkReading - All Stories

DarkReading

[0x1] Voluntary Breach Disclosure Rare But Valuable

[0x2] Botnets Serving Project Aurora Likely Built By "Amateurs," Researcher Says

[0x3] Ford Motor Rolls Out New Security Features To Prevent Car-Hacking

[0x4] Product Watch: Gemalto Rolls Out Secure Online Banking On A Stick

[0x5] New Massachusetts Data Privacy Law Adds Incentive For Strong Database Security

[0x6] Smartphone Weather App Builds A Mobile Botnet

[0x7] At RSA, Some Security Pros Don't Practice What They Preach

[0x8] Tool Automates Targeted Attacks On Social Network Users

[0x9] New BlackEnergy Trojan Targeting Russian, Ukrainian Banks

[0xA] Product Watch: New Microsoft Identity Technology Aims To Protect Online Privacy

Latest Alerts From Websense Security Labs

This is the Alert Rss Feed from Websense Security Labs

[0x1] Malicious Web Site / Malicious Code: BBS of Sougou Compromised

[0x2] Malicious Web Site / Malicious Code: Blackhat SEO turns to PDF with Chile and Hawaii disasters

[0x3] Malicious Web Site / Malicious Code: Searching For Joannie Rochette Leads To Rogue AV

[0x4] Malicious Web Site / Malicious Code: Bloom Box Black SEO

[0x5] Malicious Web Site / Malicious Code: Microsoft's Ninemsn Australia Web Site Compromised

[0x6] Malicious Web Site / Malicious Code: Spammers already using Google Buzz

[0x7] Malicious Web Site / Malicious Code: Zeus targeted attacks continue

[0x8] Malicious Web Site / Malicious Code: Bollywood Hungama Web Site Compromised

[0x9] Malicious Web Site / Malicious Code: Zeus Campaign Targeted Government Departments

[0xA] Malicious Web Site / Malicious Code: Malicious Google Job Application Response

Edgeos - New Vulnerabilities

Edgeos - Private-Labeled Vulnerability Assessment Services

[0x1] FreeBSD : otrs -- SQL injection (5220)

[0x2] MDVSA-2010:034: kernel

[0x3] SuSE 11.0 Security Update: lighttpd (2010-02-03)

[0x4] SuSE 11.1 Security Update: lighttpd (2010-02-03)

[0x5] SuSE 11.2 Security Update: kernel (2010-01-28)

[0x6] SuSE 11.2 Security Update: lighttpd (2010-02-03)

[0x7] MS10-003: Vulnerability in Microsoft Office (MSO.DLL) Could Allow Remote Code Execution (978214)

[0x8] MS10-004: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (975416)

[0x9] MS10-005: Vulnerability in Microsoft Paint Could Allow Remote Code Execution (978706)

[0xA] MS10-006: Vulnerabilities in SMB Client Could Allow Remote Code Execution (978251)

Will Hack For SUSHI

Hacking and Defending Wireless

[0x1] MiFi Config Hack

[0x2] Verizon MiFi Pwned (maybe they should take my class)

[0x3] Wordlist Generation – CeWL on Ubuntu

[0x4] QuahogCon: We should have a raw bar.

[0x5] Exploiting ZigBee at ToorCon 11 Slides

[0x6] ToorCon 11: KillerBee – Practical Zigbee Exploitation Framework

[0x7] Bluetooth and OS Language Pack Correlation

[0x8] Special Evening Webcast on Kismet Newcore Thursday!

[0x9] Wired: 100 Things Your Kids May Never Know About

[0xA] Webcast Tomorrow: Smart Grid and AMI Security Concerns

Panda Research Blog

Leading the way in proactive malware detection

[0x1] Panda Cloud Test File

[0x2] Vodafone distributes Mariposa botnet

[0x3] Spam Honeypot Catch

[0x4] Panda @ AV-Comparatives

[0x5] Blog Comment Spam Honeypot

[0x6] OT: Vacation

[0x7] Arguments against cloud-based antivirus

[0x8] New Panda Research Blog Style

[0x9] Panda Security Compatibility with Windows 7

[0xA] Panda Security Days in Sweden 09

physicsworld.com: all content

Latest content from physicsworld.com

[0x1] UK science risks relegation, warns Royal Society

[0x2] Quo vadis Bose-Einstein condensation?

[0x3] Nanotechnology for Sustainable Energy - ESF-FWF Conference in Partnership with LFUI

[0x4] Faster than lightning – the new measuring system for flash

[0x5] New calibration LED for optical instruments

[0x6] Earth's magnetic field older than we thought

[0x7] Beam Profiling Software RayCi

[0x8] Gooch and Housego plc

[0x9] Photonic Solutions now offering NKT Photonics single frequency fibre lasers

[0xA] Multimode Duplex MTRJ to MTRJ fiber optic patch cable

ITtoolbox Downloads

[0x1] Using WebSphere DataStage with IBM DataMirror Change Data Capture

[0x2] Extend and Reuse Existing Mainframe Functions Through SOA - Part 4 of the Roadmap To Reduce Webcast Series

[0x3] Consolidate Applications From Non-Strategic Platforms Onto z/OS - Part 3 of the Roadmap To Reduce Webcast Series

[0x4] Tech Talk:: Strategic Solutions To Help Solve Top Issues In The Data Center Today

[0x5] How Safe Is Your Network? - Analyst #1 Choice for Vulnerability Management - Free Trial

[0x6] Always be Open for Business

[0x7] Make Compliance Work for You

[0x8] Reduce Operational Costs By Up To 95% - Part 1 of the Roadmap To Reduce Webcast Series

[0x9] Increase productivity by up to 40% - Part 2 of the Roadmap To Reduce Webcast Series

[0xA] Database Trends and Applications Survey Results: The Freshest BI Data from the Journal of Enterprise Data Management

DarkReading - All Stories

DarkReading

[0x1] Voluntary Breach Disclosure Rare But Valuable

[0x2] Botnets Serving Project Aurora Likely Built By "Amateurs," Researcher Says

[0x3] Ford Motor Rolls Out New Security Features To Prevent Car-Hacking

[0x4] Product Watch: Gemalto Rolls Out Secure Online Banking On A Stick

[0x5] New Massachusetts Data Privacy Law Adds Incentive For Strong Database Security

[0x6] Smartphone Weather App Builds A Mobile Botnet

[0x7] At RSA, Some Security Pros Don't Practice What They Preach

[0x8] Tool Automates Targeted Attacks On Social Network Users

[0x9] New BlackEnergy Trojan Targeting Russian, Ukrainian Banks

[0xA] Product Watch: New Microsoft Identity Technology Aims To Protect Online Privacy

Twitter / steaIth

Twitter updates from Sebastian Krahmer / steaIth.

[0x1] steaIth: If you are not on snosoft's elite hacker list you are stupid and stinking: http://is.gd/9KLow :D

[0x2] steaIth: extended version bambule-digitale.c md5: 8cb86c38f39f64614349aae90890d7a5 sha1: 8938ae253dfa2a9b3e46877982f0d5e7f8bd3885

[0x3] steaIth: @ioerror you are welcome :)

[0x4] steaIth: Vom Autor zum Abo-Werbe-Empfänger. Ich bin in der heise Datenbank verrutscht.

[0x5] steaIth: @the-anon-info-leak-discussion-therapy-group: exploits are not written in twitter but in C/Perl/ASM.

[0x6] steaIth: bambule-digitale.c: md5: bfbd1b1ffe1a7dba907eed56187089ca sha1: a1ce7a18c379debb2e2e6ce3b75c8aa8c1651375

[0x7] steaIth: Should also add a "donate" button to my site. Anyone? :)

[0x8] steaIth: If someone has an open OpenSource security position let me know offline;I ve been asked to forward a request.

[0x9] steaIth: RT @steaIth RT @steaIth RT @steaIth RT @steaIth RT @steaIth RT @steaIth ... SIGRT.

[0xA] steaIth: Erm, Ich meinte natürlich: Herzlichen Glückwunsch! :D

Dana Epp's ramblings at the Sanctuary

Life, the Universe and everything Security

[0x1] Announcing Elevation of Privilege: The Threat Modeling Game

[0x2] Reflecting on our Windows 7 birthday party

[0x3] Time to party! Windows 7 is here!

[0x4] RunAs Radio podcasts you might want to listen to

[0x5] Coding Tip: Why you should always use well known SIDs over usernames for security groups

[0x6] Major Windows 7 gotcha you should know about that may block you from upgrading

[0x7] Microsoft SDL bans mempcy()... next it will be zeros!!!!

[0x8] Using TS RemoteApp as an attack vector

[0x9] Is Twittering safe?

[0xA] Come have Coffee and Code in Vancouver with me and Microsoft tomorrow

Microsoft news from Network World

Breaking Microsoft news and analysis from NetworkWorld.com

[0x1] Excel vulnerabilities revealed on 'slower' Patch Tuesday

[0x2] Microsoft seeks browser comeback with IE 9

[0x3] Tech debate: Google Gmail vs. hosted Microsoft Exchange

[0x4] How we tested Microsoft Forefront UAG

[0x5] Microsoft delivers feature-rich SSL-VPN

[0x6] Microsoft's Ballmer: 'For the cloud, we're all in'

[0x7] Microsoft at last releases famed Red Hat/Linux virtualization drivers

[0x8] Microsoft cranks out new identity management software

[0x9] Is Novell worth $2 billion?

[0xA] From sneakers to smartphones: The man behind Microsoft's Windows Phone design

The SMB Minute

The SMB Minute

[0x1] Interview with Chirs Nickerson Part3

[0x2] Those Who Cannot Remember the Past are Condemned to Repeat it

[0x3] Your photos are NOT posted online

[0x4] More Phishing attempts

[0x5] Interview with Chris Nickerson Part 2, NOW with BETTER audio

[0x6] Interview with Chris Nickerson (part 1)

[0x7] More fake antivirus

[0x8] Great Resource for Windows 7 tweaks.com

[0x9] We’re Conducting a Survey

[0xA] Facebook Phishing/Scam

HeapOverflow Computer Security Community & Forums : Heap Overflow.com

Computer security community with forums, blogs and directory covering exploit, vulnerability, advisory with various penetration testing tools.

[0x1] CVE-2009-4672 (wp-lytebox)

[0x2] CVE-2009-4674 (bus_ticket_script, sky_hunter_airline_ticket_sale_script)

[0x3] CVE-2010-0940 (simple_php_guestbook)

[0x4] CVE-2010-0941 (etek_systems_hit_counter)

[0x5] CVE-2010-0942 (com_jvideodirect)

[0x6] CVE-2010-0943 (com_jashowcase)

[0x7] CVE-2010-0944 (com_jcollection)

[0x8] CVE-2010-0945 (com_hotbrackets)

[0x9] CVE-2010-0946 (com_ksadvertiser)

[0xA] CVE-2009-3245 (openssl)

Packet Storm Security Last 100

100 Most Recent Packet Storm File Additions

[0x1] campsite-xsrf.txt

[0x2] 03.09.10-4.txt

[0x3] 03.09.10-3.txt

[0x4] 03.09.10-2.txt

[0x5] 60cyclecms-xss.txt

[0x6] 03.09.10-1.txt

[0x7] friendlytr69-sql.txt

[0x8] hydra-sqlxss.txt

[0x9] dsa-2009-1.txt

[0xA] TA10-068A.txt

CERIAS Blog

[0x1] Making the CWE Top 25, 2010 Edition

[0x2] Cowed Through DNS

[0x3] Blast from the Past

[0x4] Drone “Flaw” Known Since 1990s Was a Vulnerability

[0x5] An old canard reappears (sort of)

[0x6] Talking to the Police All the Time

[0x7] “Verified by VISA”: Still Using SSNs Online, Dropped by PEFCU

[0x8] Firefox Vulnerabilities: Souvenirs of Windows 95

[0x9] Are We All Aware Yet?

[0xA] Cassandra Firing GnuPG Blanks

Packet Storm Security Advisories

Packet Storm Last 10 Advisories

[0x1] 03.09.10-4.txt

[0x2] 03.09.10-3.txt

[0x3] 03.09.10-2.txt

[0x4] 03.09.10-1.txt

[0x5] dsa-2009-1.txt

[0x6] TA10-068A.txt

[0x7] CORE-2009-1103.txt

[0x8] CORE-2009-0813.txt

[0x9] MDVSA-2010-058.txt

[0xA] ZDI-10-026.txt

Linux Journal - The Original Magazine of the Linux Community

Since 1994: The Original Monthly Magazine of the Linux Community

[0x1] Interview with Linux Journal Virtual Editor Bill Childers

[0x2] OK Palm, We're Ready for the Foleo Now

[0x3] Book Excerpt: A Practical Guide to Linux Commands, Editors, and Shell Programming

[0x4] Getting Loopy: Performance Loopers For Linux Musicians

[0x5] Illegal use of term - five yard penalty

[0x6] Interview with Linux Journal Associate Editor Shawn Powers

[0x7] Which Linux distribution do you use most frequently?

[0x8] Sudo Axes Escalation Glitch

[0x9] Fixing Broken Images in OpenOffice

[0xA] Linux Journal Insider - April 2010

Voice&Data RSS Feed

Aggregate RSS Feed

[0x1] ADC Krone HighBand cross-connect solutions

[0x2] CommVault cloud-optimised Simpana software

[0x3] Researchers share lab findings faster

[0x4] Hewlett-Packard Cloud Design Service

[0x5] 3Com H3C S9500E modular switch chassis

[0x6] Quantum DXi6530, DXi6540 and DXi6550 backup appliances

[0x7] Research In Motion BlackBerry Enterprise Server Express software

[0x8] Tandberg Data DPS2000 NAS series disk system

[0x9] Storage system provides Gippsland Water certainty

[0xA] SonicWALL SonicOS 5.6 deep packet inspection

pSeries Tech Talk Forums

Free resource for IBM pSeries support, AIX support, Power Linux support and the latest information on IBM pSeries server virtualization.

[0x1] tazcox Intro

[0x2] AIX v6.1 AIXpert IP filtering

[0x3] simnew Intro

[0x4] AIX v5.3 stop qdaemon send out mesg to users

[0x5] nlhba1 Intro

[0x6] sachinvlk Intro

[0x7] jondavis85 Intro

[0x8] RSS Feed IBM PowerVM Workload Partitions Manager for AIX, Version 2.1

[0x9] amey Intro

[0xA] berry4 Intro

Wired Top Stories

Top Stories

[0x1] Call Me Google. (And Call Me, Google)

[0x2] Google Maps Finally Adds Bike Routes

[0x3] March 10, 2000: Pop Goes the Nasdaq!

[0x4] Veil Lifts on Apple's Secret Plan to Control Universe

[0x5] Texters Should Park the Car, Take the Bus

[0x6] Bottled Wind Could Be as Constant as Coal

[0x7] 10 Years After: A Look Back at the Dot-Com Boom and Bust

[0x8] Review: Science Trips Out on Music in 'The Heart Is a Drum Machine'

[0x9] Broadcast Video From Your Mobile

[0xA] Oldest Known Flying 'Car' Up for Auction

Rapid7 Network Security Blog

Vulnerability Management

[0x1] March Microsoft Patch Tuesday Roundup

[0x2] Introducing Exploit Exposure

[0x3] February Microsoft Patch Tuesday Roundup

[0x4] February Microsoft Patch Tuesday Preview

[0x5] The True Value of “Free” in Vulnerability Management

[0x6] January Out of Band Microsoft Patch Tuesday Roundup

[0x7] The Story Behind NeXpose Community Edition

[0x8] January Microsoft Patch Tuesday Roundup

[0x9] Metasploit PSEXEC scanner (via Perl)

[0xA] December Microsoft Patch Tuesday Roundup

Observations from a Tech Architect: Enterprise Implementation Issues & Solutions

Enterprise Technology Architect Craig Borysowich shares the challenges and achievements of enterprise solution design and implementation.

[0x1] Selecting a Customer Care Solution Package

[0x2] Sample ‘Supplement Payment Admin & Mgmt System’ Test Plan

[0x3] Sample Design & Development Standards for Visual Basic.

[0x4] Sample Design & Development Standards for PowerBuilder

[0x5] Sample Design & Development Standards for RDBMS

[0x6] Sample Creation of Project Objects

[0x7] Sample Accessibility & Usage Requirements

[0x8] Template for Responsibilities Matrix

[0x9] TECHNOLOGY PROOF OF CONCEPT SAMPLE

[0xA] Sample SAP security profile and authorizations plan

CSOONLINE.com - Pandemic

[0x1] Lack of Telework Preparedness Puts Business Continuity in Danger?

[0x2] Gartner Joins GAO in Raising Flu Network Congestion Fears

[0x3] Most Businesses READY for Flu Pandemic?

[0x4] Swine Flu Near You? IPhone App Will Let You Know

[0x5] A Swine Flu (H1N1) Business Continuity Planning Guide

[0x6] Swine Flu: Watching the Southern Hemisphere for Signs of H1N1 Havoc

[0x7] WHO Declares Swine flu a Pandemic. Now What?

[0x8] Swine Flu: A Wake-up Call for Emergency Planners

[0x9] Swine Flu: Now That the Hype Is Over, Keep Planning

[0xA] 10 Questions for Pandemic Planning

All Virus Alerts

[0x1] Net-Worm.Win32.Kido

[0x2] Virus.Win32.Gpcode.ak

[0x3] Email-Worm.Win32.Warezov.nf

[0x4] Email-Worm.Win32.Warezov.mx

[0x5] Email-Worm.Win32.Warezov.ms

[0x6] Email-Worm.Win32.Zhelatin

[0x7] Email-Worm.Win32.Zhelatin.u

[0x8] Email-Worm.Win32.Zhelatin.r

[0x9] Email-Worm.Win32.Zhelatin.o

[0xA] Email-Worm.Win32.Warezov

Moreover Technologies - Computer security news

Computer security news - more than 340 categories of real-time RSS news feeds

[0x1] Free Top Stock Picks Alerts - Sponsored Link

[0x2] Twitter to begin screening some links for phishing

[0x3] Slater & Gordon director has 1.99m shares released from escrow

[0x4] Twitter fights back against phishing scams

[0x5] Betty Mould Iddrisu Is No Trojan Horse

[0x6] Twitter to screen links for phishing scams

[0x7] Vodafone UK reassures HTC Magic users over virus claims

[0x8] McAfee Warns Consumers On Fake Scam

[0x9] Exclusive: Vodafone UK reassures HTC Magic users over virus claims

[0xA] Hackers target freshly uncovered Internet Explorer hole

Technibble

A Resource for Computer Repair Technicians & to get PC tech support help.

[0x1] Excel and Movie Maker – Patched

[0x2] How to Get a Killer Logo and Business Card

[0x3] Bogus iPad Offer on Facebook

[0x4] Office 2010’s Early Release

[0x5] Opera Bug

[0x6] LookInMyPC – Repair Tool of the Week

[0x7] March Patch Tuesday

[0x8] Shout Out To Our Site Advertisers

[0x9] Opera 10.50 for Windows

[0xA] New IE Vulnerability Found

LinuxSecurity.com: OpenBSD Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Review: Mod-Security 2.5 by Magnus Mischel

[0x3] OpenBSD: kernel heap overflow in IPsec

[0x4] OpenBSD: login_radius security flaw

[0x5] OpenBSD: Xpm security fix

[0x6] OpenBSD: zlib reliabilty fix

[0x7] OpenBSD: cvs Multiple vulnerabilities

[0x8] OpenBSD: cvs Heap overflow vulnerability

[0x9] OpenBSD: procfs Incorrect bounds checking vulnerability

[0xA] OpenBSD: cvs Pathname validation vulnerabilities

ITILSec.com - Collaborative Security - Published news

[0x1] How to Get Your Ex Back

[0x2] Стиральные Машины

[0x3] Телевизоры

[0x4] Холодильники

[0x5] Пылесосы

[0x6] Телефоны

[0x7] Мебель

[0x8] Квартиры

[0x9] Нотариус Одесса

[0xA] Знакомства

BlogInfoSec.com

An Information Security Magazine in a Blog Format

[0x1] Net-Witness of the Persecution

[0x2] A-Buzz About Google

[0x3] Negative Testing Revisited – Vehicle Control Systems (Part 2)

[0x4] Negative Testing Revisited – Vehicle Control Systems (Part 1)

[0x5] Please Let Me Explain…

[0x6] H1N1 Threat Overblown? Information Security Relevance? A Logic Proof

[0x7] Cloud Computing Security at Newsweek

[0x8] Protecting Cyberspace … Our Last Opportunity?

[0x9] The Google / China Hack: What you won’t read elsewhere

[0xA] Security Testing’s Missing Link and the Revelation of Drone Images

SOURCE Conference Blog

SOURCE Boston 2009: March 11th-13th

[0x1] SOI URL’s added

[0x2] URls.jpg

[0x3] De l’équivalence 24×36…

[0x4] RSA Security Conference – Cloud the Logging Killer App?

[0x5] Veracode at RSA 2010

[0x6] Visualisation hardware & software

[0x7] Passe-partout Wi-Fi ?

[0x8] Pkviz source code / Xcode project now available free under GPL3

[0x9] Mobile Malware Counterpoints

[0xA] Failure In Practical Security…

News from trapkit.de

News from trapkit.de

[0x1] [22.02.2010] avast! Security Advisory

[0x2] [02.02.2010] Apple iPhone OS and Mac OS X Security Advisory

[0x3] [31.01.2010] Oracle Solaris Kernel Security Advisory

[0x4] [27.12.2009] New version of checksec.sh

[0x5] [09.09.2009] Apple iPhone OS AudioCodecs Heap Buffer Overflow (TKADV2009-007)

[0x6] [16.05.2009] libsndfile/Winamp Security Advisory (TKADV2009-006)

[0x7] [04.04.2009] xine-lib Security Advisory (TKADV2009-005)

[0x8] [15.02.2009] xine-lib also affected by TKADV2009-004

[0x9] [28.01.2009] FFmpeg Security Advisory (TKADV2009-004)

[0xA] [22.01.2009] GStreamer Security Advisory (TKADV2009-003)

MacRumors : Mac News and Rumors

the mac news you care about

[0x1] Verizon Viewing iPad as Opportunity to Push MiFi Service

[0x2] Apple Reportedly Disrupting iPhone Competitors With Legal Threats Backed Up by HTC Suit

[0x3] iPhone Developer Agreement Revealed by Electronic Frontier Foundation

[0x4] Apple Releases iPhone SDK 3.2 Beta 4 for iPad

[0x5] MacHeist nanoBundle: 8 Mac Apps for $19.95 [Updated]

[0x6] FileMaker Pro 11 Brings Streamlined Database Creation With New Reporting and Collaboration Features

[0x7] Gruber: No 'Widget Mode' for Minor Applications on iPad

[0x8] Valve Officially Announces Steam and Game Library Coming to Mac in April

[0x9] Apple Cracking Down on "Cookie Cutter" App Store Applications?

[0xA] Apple Airs First iPad Commercial During Oscars, Steve Jobs at Event [Ad Video Posted]

Government Technology

[0x1] Government Technology - January 2009

[0x2] Government Technology - December 2008

[0x3] Government Technology - December 2008

[0x4] Government Technology - November 2008

[0x5] Government Technology - November 2008

[0x6] Government Technology - October 2008

[0x7] Government Technology - October 2008

[0x8] Government Technology - September 2008

[0x9] Government Technology - September 2008

[0xA] Government Technology - August 2008

Peter Guerra

All about security

[0x1] How Robber Barons hijacked the telegraph system

[0x2] The Bedazzler

[0x3] iPhone fix

[0x4] Twitter for Botnet control

[0x5] BlackHat 2009 Presentation

[0x6] SLE, Quantitative versus Qualitative Risk, and Finance

[0x7] BlackHat 2009

[0x8] White House Cyber Security Review is out

[0x9] Panda Cloud Antivirus

[0xA] 500,000 Unique Malware Files Every Day

Paul Thurrott's WinInfo News

News about Windows and Microsoft. No fluff.

[0x1] Microsoft Tweaks Browser Ballot

[0x2] Apple Delays iPad Release

[0x3] WinInfo Short Takes: Week of March 8, 2010

[0x4] Windows 7: 300 Million Units Expected in CY 2010

[0x5] RSA: Microsoft Proposes PC Safety Online

[0x6] Apple Launches Attack on Google's Android

[0x7] Microsoft to Offer Office 2010 Tech Guarantee

[0x8] Windows 7: Over 90 Million Sold

[0x9] EU: Browser Ballot to Serve 100 Million

[0xA] Increasingly, Microsoft and Google to Battle on Legal Issues Too

Palisade Magazine : Application Security Intelligence

A publication by Paladion Networks

[0x1] Quiz: Specifying life time for a webpage

[0x2] SAP Baseline Security Audit

[0x3] Defeating Encryption in Some Thick Clients

[0x4] Database Links Security

[0x5] Quiz: Proposal to amend Same Origin Policy

[0x6] Cache Control Directives Demystified

[0x7] The Payment Application Data Security Standard (PA DSS)

[0x8] Defend against Reverse Engineering

[0x9] Quiz: Cross Site Printing

[0xA] CSRF - The hidden menace

Security University 2010 Class Schedule

2010 Security University Classes

[0x1] CISSP® Prep/The Official SU CISSP® Prep Class

[0x2] Q/ND® Qualified/ Network Defender - Enroll Now!

[0x3] Q/EH® Qualified/ Ethical Hacker Class - Enroll Now!

[0x4] Q/SA® Qualified/ Security Analyst Penetration Tester Certification w/ Q/PTL® License - Enroll Now!

[0x5] Q/FE® Qualified/ Forensic Expert - Enroll Now!

[0x6] Q/NSP® Qualified/ Network Security Policy Admin and SOA Security Oriented Architect - Enroll Now!

[0x7] CWNA™/CWSP™ Boot Camp - Enroll Now!

[0x8] Q/WAD® Qualified/ Wireless Analyst and Defender - Enroll Now!

[0x9] Q/SSE® Qualified/ Software Security Expert Cert. - Enroll Now!

[0xA] Security Plus - Enroll Now!

OVAL Repository Latest Updates

This feed provides information about the latest updates to the OVAL Repository, including new OVAL definitions; definitions that have changed status (e.g., from Draft to Interim or Interim to Accepted); and definitions that have been modified is posted here. Each update to the OVAL Repository will also update this feed. The OVAL Repository is updated as edits and additions are completed. It is possible for this feed to be updated several times per day, but updates rarely occure more often than once per day.

[0x1] Definition oval:org.mitre.oval:def:6263 has been added to the OVAL Repository.

[0x2] Definition oval:org.mitre.oval:def:6382 has been added to the OVAL Repository.

[0x3] Definition oval:org.mitre.oval:def:6519 has been added to the OVAL Repository.

[0x4] Definition oval:org.mitre.oval:def:6150 has been added to the OVAL Repository.

[0x5] Definition oval:org.mitre.oval:def:5667 has been added to the OVAL Repository.

[0x6] Definition oval:org.mitre.oval:def:627 has been added to the OVAL Repository.

[0x7] Definition oval:org.mitre.oval:def:1442 has been added to the OVAL Repository.

[0x8] Definition oval:org.mitre.oval:def:6570 has been added to the OVAL Repository.

[0x9] Definition oval:org.mitre.oval:def:6438 has been added to the OVAL Repository.

[0xA] Definition oval:org.mitre.oval:def:5954 has been added to the OVAL Repository.

Security

[0x1] Symantec Previews Next-Gen Mobile Security Solution

[0x2] Secunia: Confusion About Opera Bug Could Hurt Security Efforts

[0x3] Twitter Launches Link-Screening Service

[0x4] Malware Found on HTC Magic Phone

[0x5] Patch Tuesday Fixes Eight Flaws, Warns of IE Bug

[0x6] Security Mechanisms Inherently Flawed, Say Researchers

[0x7] Apache Patches Critical Flaw

[0x8] McAfee Warns of Fake Anti-Virus Scams

[0x9] IBM to Pair Technologies for Secure Software Development

[0xA] Opera Working on Patch for Critical Browser Bug

Internet Security News - SecurityProNews

Breaking news and top stories from the world of Internet security.

[0x1] Google Goes After Impersonator Scammers

[0x2] Senate Uncovers Online Credit Card Tricks

[0x3] McAfee: Cyberwarfare A Big Threat

[0x4] ICSA Labs Finds Flaws In New Security Products

[0x5] Nigeria Announces Early Results Of Anti-Scammer Initiative

[0x6] MessageLabs Names Most- (And Least-) Spammed States

[0x7] Enormous Malware Archive Creates Stir

[0x8] Avsim Hacker (Maybe) Brought Before Cops

[0x9] Email Password Hackers Present Real Threat

[0xA] Laptops, CDs Alarm Governors, Credit Unions

WEB-HACK.ru

Новостной портал по сетевой безопасности!

[0x1] Надежный и безопасный хостинг для белых проектов

[0x2] Data Guardian v1.5.9

[0x3] Топ-20 тем спама о Дне Святого Валентина

[0x4] Хакеры атакуют сторонников Барака Обамы

[0x5] Взлом сайта Общественной палаты

[0x6] ESET обновлила антивирус для смартфонов

[0x7] Kaspersky Security Bulletin. Развитие угроз в 2008 году

[0x8] Kaspersky Security Bulletin. Основная статистика за 2008 г.

[0x9] Kaspersky Security Bulletin. Спам в 2008 г.

[0xA] Хакеры получили доступ к данным 4,5 млн. человек на Monster.co.uk

DRJ Current Articles

Current Articles from Disaster Recovery Journal

[0x1] Business Continuity in Emerging Markets

[0x2] Computer based Modeling and Simulation for BC/DR

[0x3] Fraud: An Overlooked Risk

[0x4] Words Count in Emergency Notification

[0x5] 'Auld Lang Syne' - Forging the Link and Building the Chain

[0x6] DRI International’s Participation in the RIMS-PERK

[0x7] Following the Path of Downward Resiliency

[0x8] Lessons Learned By Flood Repair of Electrical Equipment

[0x9] Perfect Practice Makes Perfect

[0xA] Increasing the Value of DR in Everyday Operations

SecurityVibes UK

Security & Compliance Community

[0x1] Web 2.0 and Social Networks in the Enterprise

[0x2] Digital Economy Bill raises privacy concerns

[0x3] Cloud security threats identified by CSA

[0x4] Vote for your CSO Interchange topics

[0x5] Cloud Computing : a simple question of supplier risk

[0x6] Most dangerous coding errors outed

[0x7] Microsoft IE users to get browser choice update

[0x8] Google Buzz fail highlights privacy expectation rise

[0x9] Annual hacking challenge aims for mobiles and browsers

[0xA] The Challenges of Cross Border eID

CSOONLINE.com - Supply Chain

[0x1] Supply Chain Security Threats: 5 Game-Changing Forces

[0x2] Chemical Spill Response: How Dow is Training Small Town America to Handle Hazmat Emergencies

[0x3] SLIDESHOW: Chemical Safety Training

[0x4] Swine Flu: How to Make Biz Continuity Plans

[0x5] UPDATED: Pandemic Preparedness Primer

[0x6] What New Air Cargo Security Rules Mean for Business

[0x7] CBP and Smart Containers: What Does It Know?

[0x8] 3 Global Risks to Business in 2009

[0x9] 10 Steps to Loading Dock Security

[0xA] Loading Docks in Multitenant Buildings

CSOONLINE.com - Application Security

[0x1] What Are the Most Overrated Security Technologies?

[0x2] Excel Vulnerabilities Revealed on 'Slower' Patch Tuesday

[0x3] Auto of the Future? New Cars Add Infosec Technology

[0x4] Opera to Patch Browser Vulnerability Soon

[0x5] RSA 2010: Can Adobe Stop the Hate?

[0x6] RSA Conference 2010: 4 Survival Tips

[0x7] IBM: Vulnerabilities Fell in 2009, but Other Risks Abound

[0x8] Security B-Sides: Rise of the 'Anti-conference'

[0x9] Twitter Attacks: How to Alert Connections of a Social Network Hack

[0xA] Reports: Internet Attacks Traced to Chinese Schools

Hack In The Box

Hack In The Box Backend

[0x1] Building a Linux Incident Response / Forensic Disk

[0x2] UK still lousy on electronic nosiness

[0x3] Five Best VPN Tools

[0x4] Researchers dissect ZeuS botnet blueprint

[0x5] Feds Move to Break Voting-Machine Monopoly

[0x6] 1024-bit RSA encryption cracked by carefully starving CPU of electricity

[0x7] Limewire taps AVG for virus free torrents

[0x8] Physicists Find Way to See Through Paint, Paper, and Other Opaque Materials

[0x9] The Basics of SAN Security

[0xA] Army plans enterprise email system

Twitter / Panda_Security

Twitter updates from Panda Security / Panda_Security.

[0x1] Panda_Security: RT @Luis_Corrons: Finally I have the stats on Mariposa, enjoy! - http://bit.ly/91my67 - PandaLabs Blog

[0x2] Panda_Security: RT @lithium: @Panda_Security CEO @JuanSantana quoted in a USA Today story: Cyberthieves stealing from small businesses- http://bit.ly/9PS9Lo

[0x3] Panda_Security: ExeFolder.E new worm on PandaLabs encylopedia. http://bit.ly/aRMZWB

[0x4] Panda_Security: New PandaLabs blog post. Vodafone distributes Mariposa-like bot. http://bit.ly/d3eTBm

[0x5] Panda_Security: RT @lithium: Panda Research Blog - Vodaphone distributes Mariposa and other malware on an HTC magic android phone - http://bit.ly/d6gNeL

[0x6] Panda_Security: Panda + Exchange 2010 = sant!: Bara några veckor efter releasen av version 4.05.00 av… http://goo.gl/fb/Iqq6

[0x7] Panda_Security: Spanish TV (TVE) has just left Panda Madrid. We will be on the news this weekend as well

[0x8] Panda_Security: RT @AnaE: Introducing El Santo http://bit.ly/bej7nV one of our greatest 2.0 support technicians :-D #pandasecurity #lapiazza

[0x9] Panda_Security: New rogueware on PandaLabs encyclopedia. DesktopSecurity2010: http://bit.ly/ducD8g

[0xA] Panda_Security: RT @AnaE: Big data needs big government http://bit.ly/aFr6ND new post in Panda Security's Tech Support Blog La Piazza

Security Fix

Brian Krebs on computer and Internet security

[0x1] Farewell 2009, and The Washington Post

[0x2] Hackers exploit Adobe Reader flaw via comic strip syndicate

[0x3] Twitter.com hijacked by 'Iranian cyber army'

[0x4] Group IDs hotbeds of Conficker worm outbreaks

[0x5] Hackers target unpatched Adobe Reader, Acrobat flaw

[0x6] Check your Facebook 'privacy' settings now

[0x7] Paper-based data breaches on the rise

[0x8] Critical updates for Adobe Flash, Microsoft Windows

[0x9] Featured Advertiser

[0xA] Security Fix author named 'cybercrime hero'

Optimal Security

the Lumension Blog

[0x1] March Patch Tuesday Overshadowed by New IE Zero-Day Vulnerability

[0x2] Insights from America’s Growth Capital and RSA Conferences

[0x3] Operationalizing Endpoint Security: How IT is Adopting to the Changing Threat Landscape

[0x4] HITECH Breach Data: the Good, the Bad, and the Ugly

[0x5] Advanced Persistent Threat: Marketing Hype or Real Menace?

[0x6] How to Deal with Microsoft BSOD: TDSS Malware

[0x7] Kneber BotNet / Zeus Trojan Strikes!

[0x8] 7 Things You Need to Know About HITECH

[0x9] 17-Year-Old Vulnerability Fights to Stay Alive!

[0xA] February 2010 Patch Tuesday Security Briefing

CGISecurity - Website and Application Security News

All things related to website, database, SDL, and application security since 2000.

[0x1] Cryptography experts bicker with former NSA director at RSA panel

[0x2] Web Security Dojo v1.0 release

[0x3] Watcher 1.3.0 passive Web-vulnerability testing tool released

[0x4] XSS, SQL Injection and Fuzzing Barcode Cheat Sheet

[0x5] Multiple Adobe products vulnerable to XML External Entity Injection And XML Injection

[0x6] Post on Abusing Windows Communication Foundation to Perform Remote Port Scans

[0x7] 2010 SANS Top 25 Most Dangerous Programming Errors Released

[0x8] Larry Suto Web Application Security Scanner Comparison Report Inaccurate Vendors Say

[0x9] R.I.P. Apache 1.x: Apache 1.3.42 marks of end life

[0xA] Nikto version 2.1.1 released

Development & Integration White Papers

C Languages, EAI, Java, Visual Basic, and Web Design White Papers

[0x1] Insiders' Guide to Evaluating Remote Control Software

[0x2] Improving Application Development with Digital Libraries

[0x3] Introduction to The Most Popular Commercial Open Source Backup Software - Amanda Enterprise

[0x4] How Can I Back Up MySQL Database Without Killing Application Performance? NetApp and Zmanda Have the Answer.

[0x5] Achieving the Impossible- Unlimited Application Scalability

[0x6] Data Centre Transitions: UNIX to Linux

[0x7] Data Grids and Service  Oriented Architecture

[0x8] An Innovative Approach to Managing Software Requirements

[0x9] Using Virtualization to Maximize Your IT Environment

[0xA] Why Every Data Center Needs Automation

SecuriTeam

Welcome to the SecuriTeam RSS Feed - sponsored by Beyond Security. Know Your Vulnerabilities! Visit BeyondSecurity.com for your web site, network and code security audit and scanning needs.

[0x1] LedgerSMB Multiple Vulnerabilities

[0x2] Kaspersky Lab Multiple Products Local Privilege Escalation Vulnerability

[0x3] Piwik Cookie Unserialize Vulnerability

[0x4] Invision Power Board SQL PHP File Inclusion and SQL Injection

[0x5] U.S. Defense Information Systems Agency (DISA) Unix Security Readiness Review (SRR) Vulnerability

[0x6] Netifera - Modular Open Source Platform for Security Tools

[0x7] WarVOX - Tools for Exploring, Classifying, and Auditing Telephone Systems

[0x8] Webshag - Web Server Audit Tool

[0x9] Browser Fuzzer

[0xA] FSpy - Linux Filesystem Activity Monitoring

Andy ITGuy - Information Security Blog

The voice of reason in a world of FUD

[0x1] Episode 8 of The Southern Fried Security Podcast is out

[0x2] March Atlanta NAISG Meeting

[0x3] Data protection extends beyond electronic data

[0x4] Funny Spam Messages

[0x5] Is exploit necessary?

[0x6] The negative power of Social Networking

[0x7] Adding some Bite to your Bark

[0x8] So who really is responsible

[0x9] Are we being irresponsible?

[0xA] February Atlanta NAISG Meeting

Reformed(?) Hacker

[0x1] Lessons learned from a vendor

[0x2] Wiki tab sweep

[0x3] Graph processing

[0x4] Tab Sweep: Search

[0x5] Identifier Tab Sweep

[0x6] When two people know less than one

[0x7] Typical scaling progression for a large website

[0x8] Scalr

[0x9] Standalone, Java implementation of Bloom Filters

[0xA] Standalone, Java implementation of Cuckoo Hashing

Realtime Community | IT Compliance

The Realtime IT Compliance Community is an objective source for information related to IT Compliance, regulations, information security, and data protection. The community provides a wide range of resources including blogs, articles, white papers, forums and podcast as well as links to external resources.

[0x1] Smart Grid Privacy: Possible Privacy Standards To Address Concerns

[0x2] 15 Smart Grid Privacy Concerns + Other Smart Grid Thoughts

[0x3] HIPAA And Surveillance In Hospitals

[0x4] CEs and BAs: Be HIPAA/HITECH Compliant Or Pay A Hefty Penalty

[0x5] Smart Grid Privacy: Laws and Implications

[0x6] 6 Critical Factors for Effective Information Security & Privacy Policies

[0x7] Who Are Your Business Associates?

[0x8] HIPAA/HITECH Etc. Retention: Does Your Reality = Your Requirements?

[0x9] Proposed HIPAA Privacy Rule Change Explicitly Makes Genetic Info PHI

[0xA] Privacy For The Deceased

CSOONLINE.com - Employee Protection

[0x1] Secure Parking Lot Design: Dos and Don'ts

[0x2] Parking Lots and Garages: Security Factors

[0x3] Travel Security: What to Pack to Survive a Natural Disaster

[0x4] Disaster in Haiti: Advice for Employees and Operations on the Ground

[0x5] Security and Building Design: What Changed in This Decade

[0x6] Testing Shows Cocaine, Meth Use Down Among U.S. Workforce

[0x7] Excerpt: Conducting a Protective Security Advance

[0x8] Managing Security Overseas: Contact and Coordination with Local, Regional, and International Authorities

[0x9] How Security Should Handle Pickets and Strikes

[0xA] How 9-11 Shaped Hoover Dam Security Operations

CSOONLINE.com - Career/Staffing

[0x1] RSA 2010: Infosec Pros Get Raises Despite Recession

[0x2] One Man's Life on the Security D-List

[0x3] Scanning the Security Classifieds

[0x4] Economic Recovery: Will Your IT Security Department Jump Ship?

[0x5] What is a CSO, Part 2

[0x6] Survey: Security Certifications Hot Among IT Pros

[0x7] 7 Ways to Stay Happy in a Miserable Profession

[0x8] Survey Says More Companies Hiring CSOs, Holding Steady on Spending

[0x9] IT Security Outsourcing in Decline; Companies Do More In-house

[0xA] Undercover: A Painful Lack of Security Jobs

National Vulnerability Database

This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.

[0x1] CVE-2010-0946 (com_ksadvertiser)

[0x2] CVE-2010-0945 (com_hotbrackets)

[0x3] CVE-2010-0944 (com_jcollection)

[0x4] CVE-2010-0943 (com_jashowcase)

[0x5] CVE-2010-0942 (com_jvideodirect)

[0x6] CVE-2010-0941 (etek_systems_hit_counter)

[0x7] CVE-2010-0940 (simple_php_guestbook)

[0x8] CVE-2010-0939 (abb_forum)

[0x9] CVE-2010-0938 (todoo_forum)

[0xA] CVE-2010-0937 (visualization_library)

Leadership 101

Enhancing Global Leadership from the Inside-Out.

[0x1] Executive Hires...

[0x2] The Voice Of A Leader... Part II

[0x3] The Voice Of A Leader...

[0x4] Effortless Leadership... Part III

[0x5] Effortless Leadership... Part II

[0x6] Effortless Leadership...

[0x7] Maximizing The Holidays...

[0x8] Leading During The Holidays...

[0x9] Growing Through Sports...

[0xA] The Traveling Leader...

The MITRE Digest

The MITRE Digest is an online magazine that showcases our latest work in aviation systems, defense and intelligence, federal sector modernization, homeland security, and cutting–edge research. We cover timely topics that affect our sponsors and the national interest.

[0x1] Share and Share Alike: Building an Information Interoperability Toolkit

[0x2] Digest Flashback: Targeting the 25 Most Dangerous Programming Errors

[0x3] Audio Hot Spotting Retrieves Information from Multimedia

[0x4] Millimeter–scale Robots: Small in Stature, Big in Capability

[0x5] MITRE's Collaborative Experimentation Environment: Putting Cooperation to the Test

[0x6] Finding the Way: Taking Web Infrastructure to the Network's Edge

[0x7] MITRE's Cyber Security Operations Center Helps Sponsors Keep Networks Secure

[0x8] Innovative Collaborative Community Helps Warfighters Connect the Dots

[0x9] MITRE Helps Illuminate the Rising Area of Metamaterials

[0xA] Predictive Heads–Up Display Compensates for Feedback Lag for Predators and Reapers

DarkReading - All Stories

DarkReading

[0x1] Voluntary Breach Disclosure Rare But Valuable

[0x2] Botnets Serving Project Aurora Likely Built By "Amateurs," Researcher Says

[0x3] Ford Motor Rolls Out New Security Features To Prevent Car-Hacking

[0x4] Product Watch: Gemalto Rolls Out Secure Online Banking On A Stick

[0x5] New Massachusetts Data Privacy Law Adds Incentive For Strong Database Security

[0x6] Smartphone Weather App Builds A Mobile Botnet

[0x7] At RSA, Some Security Pros Don't Practice What They Preach

[0x8] Tool Automates Targeted Attacks On Social Network Users

[0x9] New BlackEnergy Trojan Targeting Russian, Ukrainian Banks

[0xA] Product Watch: New Microsoft Identity Technology Aims To Protect Online Privacy

CSOONLINE.com - Video Surveillance

[0x1] How 9-11 Shaped Hoover Dam Security Operations

[0x2] Hoover Dam Security in Pictures

[0x3] Taking the 'Closed' Out of CCTV

[0x4] Charitable Risk: Security Challenges of the Bill and Melinda Gates Foundation

[0x5] Study: Air Cargo Security Seriously Lacking

[0x6] Fast-Food FAIL: Drive-Thru Displays Point-of-Sale LAN Details

[0x7] Report: Shoplifting Surges in Down Economy

[0x8] Social Engineering: 5 Security Holes at the Office (Includes Video)

[0x9] VMS: How to Manage Surveillance Video

[0xA] 4 Steps Security Can Take to Prevent Kidnapping

LinuxSecurity.com: Fedora Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Review: Mod-Security 2.5 by Magnus Mischel

[0x3] Fedora 10 ruby-1.8.6.368-2.fc10

[0x4] Fedora 12 moodle-1.9.7-1.fc12

[0x5] Fedora 12 ntp-4.2.4p8-1.fc12

[0x6] Fedora 10 moodle-1.9.7-1.fc10

[0x7] Fedora 12 kernel-2.6.31.6-166.fc12

[0x8] Fedora 10 httpd-2.2.14-1.fc10

[0x9] Fedora 12 nss-util-3.12.5-1.fc12.1

[0xA] Fedora 10 rubygem-actionpack-2.1.1-5.fc10

Learning Solaris 10

Check out the Zones F.A.Q. !

[0x1] CentOS 3.9 running in an lx branded zone

[0x2] OpenSolaris & Sun Secure Global desktop

[0x3] Opensolaris & wifi Broadcom BCM4312 on Dell Vostro 1710

[0x4] Security Advantages of the Solaris Zones Software

[0x5] Understanding the Security Capabilities of Solaris Zones Software

[0x6] New blueprint over the M-Series servers configuration

[0x7] Sun Forums: A Sun Java System Web Server 7.0 Reference Deployment

[0x8] Network virtualization in Solaris : project Crossbow

[0x9] Setting Up OpenDS 1.0.0 as a Naming Service

[0xA] Sun Fire X4500 as a Media Server for Symantec Veritas NetBackup 6.5

TraverseCode.com

[0x1] |From: PDF@Exploit| |To: Zeus@Trojan| |Subject: Steals Bank Credentials|

[0x2] Don’t press F1 key in Windows XP

[0x3] Traversing a ‘DLL’: Financial Crimeware (Banker)

[0x4] Orkut Phishing using Blogspot account

[0x5] Social Engineering – Fake TwitterIM Download

[0x6] Scam Mail targeting Indian users “Tax Refund Online Form”

[0x7] Chase Bank Phishing scam Mail

[0x8] Traversing a Financial Crimeware which uses Proxy Technique

[0x9] 1st Rogue Mail in 2010

[0xA] Decrypting the Zeus Config File

MySecured.com

Covering Mobile Phone Forensics, Information Security and Computer Security

[0x1] Push for cigarette-like warnings on mobiles in the USA

[0x2] Blackbox JTAG Reverse Engineering @ 26th Chaos Communication Congress

[0x3] Happy Holidays from MySecured.com

[0x4] Sexting and Mobile Phone Forensics

[0x5] NIST Releases a New Report within Mobile Forensic Reference Materials: A Methodology and Reification. NISTIR 7617.

[0x6] New NIST SIM Data Population Tool For Mobile Phone Forensics Uses

[0x7] Augmented Reality Projection Tracking System from Japan

[0x8] Android 2.0 Perview Video (On G1 from SDK)

[0x9] Wearable, Projector and Mobile Phone based Sixth Sense

[0xA] Real-Time Interactive Augmented Reality Billboard

PenTestIT

Your source for Information Security Related information!

[0x1] SubSeven 2.3!

[0x2] UPDATE: WebRaider v0.2.3.8!

[0x3] ackack: Monitor your Network Traffic and Detect Unauthorized Sessions Easily!

[0x4] aef-xss.txt

[0x5] uebimiauwebmail-disclose.txt

[0x6] rsstatic-sql.txt

[0x7] orbital_viewer_orb.rb.txt

[0x8] energizer_duo_payload.rb.txt

[0x9] easyftp.rb.txt

[0xA] mhproducts-sql.txt

Security Basics

A high-volume list which permits people to ask "stupid questions" without being derided as "n00bs". I recommend this list to network security newbies, but be sure to read Bugtraq and other lists as well.

[0x1] Reporting SSH abuse

[0x2] Re: Help hardening router

[0x3] Re: Help hardening router

[0x4] Re: Help hardening router

[0x5] RE: Help hardening router

[0x6] Re: securing a segment of a network

[0x7] FW: Help hardening router

[0x8] Re: Help hardening router

[0x9] Re: Help hardening router

[0xA] Re: securing a segment of a network

Juniper

Juniper RSS Feed

[0x1] Signature Update #1625

[0x2] Signature Update #1589

[0x3] Signature Update #1591

[0x4] Signature Update #1592

[0x5] Signature Update #1593

[0x6] Signature Update #1595

[0x7] Signature Update #1597

[0x8] Signature Update #1598

[0x9] Signature Update #1599

[0xA] Signature Update #1600

cryptography on SWiK

[0x1] Post-Quantum Cryptography

[0x2] http://www.ietf.org/rfc/rfc2104.txt

[0x3] Crypto-anarchism - Wikipedia, the free encyclopedia

[0x4] Introduction to Public-Key Cryptography - MDC

[0x5] Introduction to PQCrypto

[0x6] Robert G. Brown's General Tools Page

[0x7] waveto's node-crypto at master - GitHub

[0x8] EasyPG

[0x9] Microsoft open-sources clever U-Prove identity framework

[0xA] Microsoft open-sources clever U-Prove identity framework

Network Security Blog

Join me as I spend 30 minutes each week talking about the computer security issues facing us today. I discuss privacy, hacking, malware and the Payment Card Industry (PCI) Data Security Standards.

[0x1] The Network Security Podcast, Episode 188

[0x2] RSAC2010: Sourcefire

[0x3] RSAC2010: ISC2

[0x4] RSAC2010: Kaspersky Lab

[0x5] RSAC2010: Astaro Internet Security

[0x6] RSAC2010: F-Secure

[0x7] Network Security Podcast, Episode 187

[0x8] RSAC2010: Panda Security

[0x9] RSAC2010: ICSA Labs

[0xA] RSAC2010: Mark Bower, Voltage Security

Crypto-Gram Security Podcast

Security: Bruce Schneier's monthly Crypto-Gram Newsletter (read by Dan Henage)

[0x1] Crypto-Gram 15 Jan 2010

[0x2] Crypto-Gram 15 Dec 2009

[0x3] Crypto-Gram 15 Nov 2009

[0x4] Crypto-Gram 15 Oct 2009

[0x5] Crypto-Gram 15 Sep 2009

[0x6] Crypto-Gram 15 Aug 2009

[0x7] Crypto-Gram 15 Jul 2009

[0x8] Crypto-Gram 15 Jun 2009

[0x9] Crypto-Gram 15 May 2009

[0xA] Crypto-Gram 15 Apr 2009

suck-o.com hacking - coding - development

Hacking, coding, web development, lots of high quality downloads and friendly forums. Join our community, we are non-commercial and independent!

[0x1] Record 13-Year Sentence for Hacker Max Vision

[0x2] Cyber attacks against Australia `will continue`

[0x3] ‘Don’t Be Evil,’ Meet ‘Spy on Everyone´: How the NSA Deal Could Kill Google

[0x4] Google to enlist NSA to help it ward off cyberattacks

[0x5] Parallel Algorithm Leads to Crypto Breakthrough

[0x6] CIA, PayPal under bizarre SSL assault

[0x7] Internet Service Providers have a pessimistic view of the future

[0x8] Mozilla unfurls first mobile Firefox

[0x9] Hackers Targeted Oil Companies for Oil-Location Data

[0xA] Amateur goof makes Twitter account hijacking a snap

Check Point SmartDefense Service Advisories

The SmartDefense Service provides real-time updates and new attack protection capabilities for Application Intelligence, Web Intelligence, and Network defenses for various products.

[0x1] Update Protection against Microsoft Movie Maker Project File Handling Buffer Overflow Vulnerability (MS10-016)

[0x2] Update Protection against Microsoft Excel DbOrParamQry Record Parsing Code Execution Vulnerability (MS10-017)

[0x3] Update Protection against Microsoft Excel XLSX File Parsing Code Execution Vulnerability (MS10-017)

[0x4] Update Protection against Microsoft Excel FNGROUPNAME Record Uninitialized Memory Vulnerability (MS10-017)

[0x5] Update Protection against Microsoft Excel MDXTUPLE and MDXSET Records Heap Overflow Vulnerabilities (MS10-017)

[0x6] Update Protection against Microsoft Excel Sheet Object Type Confusion Vulnerability (MS10-017)

[0x7] Update Protection against Microsoft Excel EntExU2 Record Memory Corruption Vulnerability (MS10-017)

[0x8] Update Protection against Microsoft VBScript MsgBox Call with Malicious HLP File Vulnerability

[0x9] Workaround for Microsoft Windows Kernel Exception Handler Code Execution Vulnerability (MS10-015)

[0xA] Update Protection against Microsoft Windows TCP/IP Selective Acknowledgement Denial of Service Vulnerability (MS10-009)

Open Source Security

Discussion of security flaws, concepts, and practices in the Open Source community

[0x1] CVE Request -- SpamAssassin Mail Filter -- arbitrary shell command injection (priv esc)

[0x2] phpmyvisites 2.3

[0x3] CVE Request -- MediaWiki - v1.15.2

[0x4] Re: CVE Request: libesmtp does not check NULL bytes in commonName

[0x5] CVE Request: postgresql integer overflow in hash table size calculation

[0x6] Re: CVE Request -- cURL/libCURL 7.20.0

[0x7] CVE Request -- Drupal v6.16 / v5.22 SA-CORE-2010-001

[0x8] Re: WANTED: mikmod patches

[0x9] Re: Samba symlink 0day flaw

[0xA] Re: CVE Request: gnome-screensaver termination by pressing "Enter"

Search Engine Watch Blog

Provides constant updates of the latest search engine marketing and other search news from Search Engine Watch and across the web.

[0x1] WHERE Launches Local/Mobile Ad Network

[0x2] Outsell forecasts that online spending will overtake print in 2010

[0x3] 8 Google Updates from the Past 8 Days

[0x4] Web Analytics Association Names Mike Levin as Executive Director

[0x5] Allison Schwam is Skiing Her Way to Search Success

[0x6] New MSN Homepage Begins Rolling Out Today

[0x7] 173 million U.S. Internet users watched 32.4 billion videos in January

[0x8] Razorfish Improves Efficiencies by 50% with Marin Search Marketer

[0x9] Citysearch Teams with OrangeSoda for Online Marketing Solution

[0xA] SEMPO Names New Board of Directors

Command Line Kung Fu

This blog will include fun, useful, interesting, security related, non-security related, tips, and tricks associated with the command line. It will include OS X, Linux, and even Windows!

[0x1] Episode #85: Coincidence & Randomness

[0x2] Episode #84: Fixing the Filenames

[0x3] Episode #83: Faster. Higher. Stronger.

[0x4] Episode #82: Hippy Barfday Spew Do You?

[0x5] Episode #81: From the Mailbag

[0x6] Episode #80: Time Bandits

[0x7] Episode #79: A Sort of List

[0x8] Episode #78: Advanced Process Whack-a-Mole

[0x9] Episode #77: USB History

[0xA] Episode #76: Say Hello to My Little Friend Netstat

Evilcodecave's Weblog

Just another RCE Weblog

[0x1] Fast Overview of SpyEye

[0x2] Rootkit Agent.adah Anatomy and Executables Carving via Cryptoanalytical Approach

[0x3] PHP/Spy.Bull Cryptanalysis of Encryption used and Threat Analysis

[0x4] Siberia ExploitPack and PDF Exploit Analysis

[0x5] DNAScan Malicious Network Activity Reverse Engineering

[0x6] Avast aswRdr.sys Kernel Pool Corruption and Local Privilege Escalation

[0x7] PHPSpyScanBot Analysis

[0x8] [Crimeware] Researches Reversing about Eleonore Exploit Pack

[0x9] [Crimeware] Researches and Reversing about Eleonore Exploit Pack

[0xA] [Malware] BDS/PHP.Agent.DW.8 Dissection

SriniCenthala

Welcome ! You come to the right place for datawarehouse , Business Intelligence BI , Extraction Transformation and Loading ETL Process , Decision Support System (DSS) and OLTP System Design , Data Modeler , Data Architect who has extensive experience in building Very Large Systems. Project Management process PMI Process and PMP Certification. Provide help to any one who wants to know about PMO Office setup & also handling any IT Projects.

[0x1] Study in India: www.eduhelp.in

[0x2] Stay Agile & Succeed - Pairworks - Agile Project Management Tool On-Demand

[0x3] PureApp.com - Monitor & Control Continues Integration On-Demand

[0x4] "There are times brick hits your head!"..."Do not lose your faith on what you love to do!"

[0x5] Agile Project Management Tool - www.PairWorks.com

[0x6] Planning for "eServicePlace LinkedIn Application"

[0x7] New Launch of Datamartist

[0x8] eServicePlace.com How it works

[0x9] New Services Market Place , so What for you?

[0xA] Selecting an Engineering college that matches your marks / cut off made easy! How?

Edible Apple

Apple News, Rumors, and Analysis

[0x1] Steve Jobs “giving his new liver a workout” [Photo]

[0x2] Pink Floyd and EMI fight over iTunes royalties

[0x3] Amazon looking to upgrade the Kindle’s web browser

[0x4] Amazing musical creativity on the iPhone [Video]

[0x5] Analyst: iPad sales to eclipse all-time Kindle sales in just 3 monthsFB

[0x6] Former Sun CEO Jonathan Schwartz on Steve Jobs, Bill Gates, and patent litigation

[0x7] Apple releases iPad/iPhone OS 3.2 SDK

[0x8] Apple’s HTC lawsuit makes developers think twice about Android

[0x9] Apple’s iTunes LP initiative was done at the behest of Record Labels

[0xA] Does Microsoft pose a threat to Apple when it comes to mobile gaming?

LinuxSecurity.com: EnGarde_Secure_Linux Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Review: Mod-Security 2.5 by Magnus Mischel

[0x3] EnGarde Secure Community Release Notes 3.0.10

[0x4] EnGarde Secure Community 3.0.8 Release Notes

[0x5] EnGarde Secure Community 3.0.7 Release Notes

[0x6] EnGarde Secure Community 3.0.6 Release Notes

[0x7] EnGarde Secure Community 3.0.5 Release Notes

[0x8] EnGarde Secure Community 3.0.4 Release Notes

[0x9] EnGarde Secure Community 3.0.3 Release Notes

[0xA] EnGarde Secure Community 3.0.2 Release Notes

Business: Security Articles from EzineArticles.com

EzineArticles.com - Trusted By Millions as The Source For Quality Original Articles

[0x1] VPN Comes to Your Rescue When Business Security is Concerned

[0x2] Private Security Manager

[0x3] Security Vetting

[0x4] Document Storage and Shredding

[0x5] Protect Your Website, Prevent Piracy & Stop Your Digital Products From Being Stolen, Ever Again!

[0x6] Do Industries Need Locksmiths?

[0x7] Badge Holders in Business

[0x8] Your First Security Digital Video Recorder Purchase - Components to Consider - Part 2

[0x9] CCTV Security Cameras in Schools

[0xA] Quick 5 Advantages of Electronic Security Guard - Visitor Management System

Government Technology Web Strategies News

Government Technology: News: Web Strategies

[0x1] South Carolina Redesigns State Web Portal, Adds Features

[0x2] Alabama Debuts iPhone App for Government Info

[0x3] Hillsborough County, Fla., Seeks Budget Cutting Ideas via Social Media

[0x4] Michigan Includes Geo-Location in New State Web Portal

[0x5] San Francisco and Partnering Cities Launch 311 Open Source

[0x6] Pentagon Embraces Web 2.0 in Social Media Policy

[0x7] Seattle Announces Open Data Web Site

[0x8] California CIO Issues Use Policy for Facebook, YouTube, Other Social Media

[0x9] Will Facebook Replace Traditional Government Web Sites?

[0xA] Microsoft Unveils Dedicated Cloud for Government

XSSed syndication

You are welcome to syndicate and share xssed.com contents

[0x1] www.bobparsons.me XSS

[0x2] store.dakar.com XSS

[0x3] www.reuters.com XSS

[0x4] apps.dhl.co.uk XSS

[0x5] www.sprint.net XSS

[0x6] www.whois.com.tr XSS

[0x7] www.devbank.com XSS

[0x8] www.wow-heroes.com XSS

[0x9] www.dreamcarisma.de XSS

[0xA] www.att.com XSS

Daily Dave

This technical discussion list covers vulnerability research, exploit development, and security events/gossip. It was started by ImmunitySec founder Dave Aitel and many security luminaries participate. Many posts simply advertise Immunity products, but you can't really fault Dave for being self-promotional on a list named DailyDave.

[0x1] Re: Mike Bailey's Flash presentation is good.

[0x2] Mike Bailey's Flash presentation is good.

[0x3] Re: Does anyone have video of this?

[0x4] Perforce

[0x5] Re: Does anyone have video of this?

[0x6] Does anyone have video of this?

[0x7] FIRST 2010!

[0x8] Month of PHP Security 2010 - CALL FOR PAPERS

[0x9] dnsmap v0.30 + embedded devices discovery trick

[0xA] Re: XSS in viewstate

ASTALAVISTA Forum Feed

[0x1] Dorks Claiming to Be Unhackable

[0x2] Help to Decipher an Algorithm

[0x3] 1 forum topic _ DELET

[0x4] Hello Astalavista

[0x5] A newbie learning computer networking!

[0x6] Web info gathering, and copy site software?

[0x7] Folding@home Team Status

[0x8] Hi all

[0x9] Creating a "99%" bulletproof password list

[0xA] Got some error ,need some help in bt4 with samdump2

The Hacker Diaries

Ethical Hacking, Security Tools, and all things Cyber Security

[0x1] Inside the Mind of a Hacker

[0x2] Hacktivists change the Global Warming Debate

[0x3] Protecting from Identity Theft? A good Start

[0x4] Social Security number code cracked, study claims

[0x5] Pink Floyd star David Gilmour joins fight to halt extradition to US of hacker Gary McKinnon

[0x6] The Myth of the Virus Free Mac

[0x7] Hackers launch phishing attack on Facebook users

[0x8] Social Networking making it easier for Hackers

[0x9] Twitter’s porn name game a hit with Hackers

[0xA] Anti-Virus Sites have XSS vulnerabilties??

McAfee Avert Labs

Cutting edge security research as it happens.......

[0x1] Targeted Internet Explorer 0day Attack Announced (CVE-2010-0806)

[0x2] Apple Announces iPad Availability: Watch Out for Scams!

[0x3] Wiseguys Botnet First in Line for Concert, Sports Tickets

[0x4] On Olympics, St. Patrick’s Day, Screensavers, and Wallpaper

[0x5] Valentine’s Day Searches Lead to Malware

[0x6] McAfee Labs Quarterly Threat Report Posted

[0x7] Dave Marcus: Ready for an Oscar

[0x8] Protecting Privacy by Design

[0x9] Hackers Disrupt European CO₂ Market

[0xA] Be careful on help files

Virus and worm news from Network World

The latest virus and worm news and analysis from NetworkWorld.com.

[0x1] DHS Urges 'Sense of Urgency' for Cyber Security

[0x2] Dept of Homeland Security Crowdsources Cybersecurity

[0x3] Underrated computing threats you need to know about

[0x4] Cisco develops VPN client for PCs, smartphones

[0x5] 15 Free Security and Backup Utilities

[0x6] Microsoft Uses Legal System to Combat Botnet

[0x7] One or Two Anti-Malware Programs?

[0x8] Enterprise Security Tips on a Small-Business Budget

[0x9] Virtualised USB key beats keyloggers

[0xA] Free VirusTotal Uploader Links to 40 Antivirus Programs

Vitalsecurity.org

A Revolution is the Solution

[0x1] Tory sites compromised, voters told to "Vote Labour!"

[0x2] Hotbar has a whale of a time

[0x3] Dissecting a Twitter fakeout

[0x4] Mr Bean Rides Again - On mdamirpur.gok.pk

[0x5] Beware: Facebook FriendsForSale Scam Program

[0x6] Console Threats: An Interview

[0x7] Zynga Policy Team Phish

[0x8] Use Omegle? Watch out for rogue URL spreaders...

[0x9] UK Researcher joins Sunbelt

[0xA] MSN Addon spins you a new playlist...

halsten

arbitrary dump

[0x1] Security Conference(s)

[0x2] Zend Studio For Eclipse v.6.1 Keygen

[0x3] Reversing Pro Evolution Soccer 6 - End

[0x4] Reversing Pro Evolution Soccer 6 - Part 3

[0x5] Reversing Pro Evolution Soccer 6 - Part 2

[0x6] Reversing Pro Evolution Soccer 6 - Part 1

[0x7] Reversing Pro Evolution Soccer 6 - Intro

[0x8] Facebook Puzzles Solution

[0x9] Backdoor.W32.Small.PF Analysis

[0xA] Simple PE Viewer (wxWidgets)

Computer Security News

News on Computer Security continually updated from thousands of sources around the net.

[0x1] Microsoft warns of new IE bug; attacks under way

[0x2] AOptix Technologies Announces DaonAdvantage Partnership

[0x3] Mariposa Botnet Malware Found On Vodaphone HTC Magic

[0x4] Trend Micro Threat Research Report: 9 Million ZeuS Attacks Blocked by ...

[0x5] Watch The Story

[0x6] FDIC: Hackers Took More Than $120M in Three Months

[0x7] Google-China attack led by amateurs

[0x8] Cyber Attack Defense a New Growth Industry? 5 Stocks to Watch

[0x9] Ford Offers Security Features To Protect Owners' Personal Information As Cars, Internet Converge

[0xA] Thailand Approves Credit Card Hacker's Extradition to US

shell-fu

[0x1] Tip #894: Watch for Ubuntu 9.10 Launch

[0x2] Tip #892: Check memory and swap from command line

[0x3] Tip #889: Convert virtually any video into a DVD-valid MPEG2 stream

[0x4] Tip #885: Random password generator.

[0x5] Tip #882: Find last modified files on a filesystem

[0x6] Tip #879: Learn not to mistype ls

[0x7] Tip #878: Random xkcd comic

[0x8] Tip #874: Count how many packages have been installed by pacman

[0x9] Tip #873: Import ssh host keys without verification

[0xA] Tip #872: Reverse geocode with bash

Full Disclosure

An unmoderated high-traffic forum for disclosure of security information. Fresh vulnerabilities sometimes hit this list many hours before they pass through the Bugtraq moderation queue. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. Unfortunately 80% of the posts are worthless drivel, so finding the gems takes patience.

[0x1] Re: Mozilla Firefox 3.6 plenitude String Crash(0day) Exploit

[0x2] Secunia Research: Employee Timeclock Software "mysqldump" Password Disclosure

[0x3] Secunia Research: Employee Timeclock Software SQL Injection Vulnerabilities

[0x4] Secunia Research: Employee Timeclock Software Backup Information Disclosure

[0x5] CVE-2010-0624: Heap-based buffer overflow in GNU Tar and GNU Cpio

[0x6] Re: Ubisoft DDoS

[0x7] Re: Mozilla Firefox 3.6 plenitude String Crash(0day) Exploit

[0x8] [SECURITY] [DSA 2009-1] New tdiary packages fix cross-site scripting

[0x9] Vulnerabilities in Hydra Engine

[0xA] iDefense Security Advisory 03.09.10: Microsoft Excel MDXTUPLE Record Heap Overflow Vulnerability

ITWeb News Feed

Latest ICT news

[0x1] Kaspersky reveals six newcomers

[0x2] DCC extends Dell partnership

[0x3] Nokia waters its green strategy

[0x4] Social networking transforms data warehousing

[0x5] Miscommunication damages projects

[0x6] The data warehouse equals profit base

[0x7] Panda, Against Intuition fight cyber crime

[0x8] Building a Web 2.0 enterprise

[0x9] iBurst looks to newly licensed

[0xA] More fuss over Nyanda's cars

The UNIX and Linux Forums

UNIX and Linux Forums - Learn UNIX, UNIX commands, Linux, Operating Systems, System Administration, Programming, Shell, Shell Scripts

[0x1] BUY HTC GOOGLE NEXUS ONE $400,IPHONE 3G S 32GB,SONY SATIO $300,HTC HERO $300

[0x2] shell script to run x times

[0x3] export not working in bash shell

[0x4] ksh help assigning specific values to variable in script

[0x5] Creating VirtualBox-Image as "harddisk" by shell-script

[0x6] Custom libraries possible on AIX 4.2 ?

[0x7] logging out users

[0x8] Help with minix

[0x9] capture values using multiple regex patterns

[0xA] K script not running / syntax problem

Podcasts

Listen to the latest Podcasts from Veracode

[0x1] Detecting "Certified Pre-owned" Software and Devices

[0x2] Application Outsourcing Podcast

[0x3] InfoSec Europe Conference

[0x4] PCI Primer - Introduction to PCI Compliance

[0x5] Veracode Announces Technology and Service Breakthroughs

[0x6] Veracode Talks Security with InfoWorld

[0x7] Automated Vulnerability Assessment

[0x8] How Vulnerabilities Get Into All Software

[0x9] Software Security Testing: Strengthening Your Defense Strategy

[0xA] Software Security Testing: Demanding Software Security

OSVDB Blog :

Everything Is Vulnerable

[0x1] iDefense VCP as seen through OSVDB

[0x2] February Update: OSVDB Winter 2010 Fundraising Goal

[0x3] Time to.. Track More Data

[0x4] Open Security Foundation - Advisory Board - Call for Nominations

[0x5] Open Security Foundation - State of the Union 2010

[0x6] January Update: OSVDB Winter 2010 Fundraising Goal

[0x7] Microsoft, Aurora and something about forest and trees?

[0x8] Challenge: OSVDB Winter 2010 Fundraising Goal

[0x9] Adobe, Qualys, CVE and Math

[0xA] OSVDB 2009 Q4 Changelog

CAcert NEWS Blog

CAcert NEWS and up coming events.

[0x1] ate-OZ

[0x2] Thawte Points Transfer and Removal of Points at Nov 16th 2010

[0x3] CeBIT 2010 closed - Co-Audited Assurances Program Launch

[0x4] Community 2010 February Update

[0x5] Linux Release Party May 29th 2010 - Reehorst, Ede, Netherlands

[0x6] May 6th 2010, NLUUG Spring Conference - System administration, Ede - Netherlans

[0x7] CAcert zu Gast bei Linux New Media auf der CEBIT 2010, Halle 2, Stand F34

[0x8] CAcert AGM, New Board and Annual Report

[0x9] CAcert at FOSDEM 2010

[0xA] PoJAM - PolicyOnJuniorAssurersMembers moves to DRAFT

2600: The Hacker Quarterly

Off The Hook and Off The Wall

[0x1] Off The Wall show for March 9, 2010

[0x2] Off The Hook show for March 3, 2010

[0x3] VERIZON OUTAGE FINALLY OVER AFTER FOUR DAYS

[0x4] THE NEXT HOPE PREREGISTRATION NOW OPEN

[0x5] CALL FOR SPEAKERS FOR THE NEXT HOPE

[0x6] WINTER ISSUE OF 2600 RELEASED

[0x7] 2600 POLO SHIRTS ARE OUT!

[0x8] CLUB MATE NOW AVAILABLE THROUGH 2600

[0x9] AUTUMN ISSUE OF 2600 RELEASED

[0xA] SUMMER ISSUE OF 2600 RELEASED

Zero in a bit

Application security testing, analysis, and metrics

[0x1] Veracode at RSA 2010

[0x2] Mobile Malware Counterpoints

[0x3] In Which We Dispel Misconceptions

[0x4] Is Your BlackBerry App Spying on You?

[0x5] Mobile App Security

[0x6] Google Admitting Compromise Good News

[0x7] An Ounce of Prevention is Worth a Pound of Cure

[0x8] We Need To Learn More About the RBS Worldpay ATM Attack

[0x9] White Box Better Than Black Box

[0xA] From the 10 Years Ago Today Department

Unwired: Building & Maintaining Secure Wireless Networks

Journey into the latest in wireless technology! You'll find updates on new security issues and vulnerabilities, information on IEEE standards, advice on networking hardware, and unique insight on building and maintaining a secure wireless network.

[0x1] Quantum Cryptography

[0x2] In-Flight Wi-Fi

[0x3] Economic effects on IT Field

[0x4] Blackberry Storm Simulator

[0x5] 3G Wireless

[0x6] Wireless Network Users have Come a Long Way!

[0x7] Dilemma of a Passionate Programmer

[0x8] Can Old Wireless Network Interface Cards be Upgraded to Support WPA?

[0x9] Ramifications of a Cracked WPA Passphrase

[0xA] More Ramblings on WiFi Allergies

HSC Security Portal

Hackers Center Security Portal is one of the most complete, updated and visited Securty portals on the net. We offer Security Blogs, Exploits, Texts, Tools

[0x1] Scrubyt 0.4

[0x2] Sahi V3

[0x3] UrlParams 2.2.0

[0x4] TemperIE

[0x5] Nikto 2

[0x6] hcraft 1.0.0

[0x7] MSNPawn 1.1

[0x8] httprint

[0x9] DIRB

[0xA] WebInject 1.4

Twitter / exploitdb

Twitter updates from Exploit Database / exploitdb.

[0x1] exploitdb: 60cycleCMS Persistent XSS Vulnerability http://url4.eu/1jV7u

[0x2] exploitdb: Campsite v3.3.5 CSRF Vulnerability http://url4.eu/1jV7t

[0x3] exploitdb: Friendly-Tech FriendlyTR69 CPE Remote Management v2.8.9 SQL Injection Vulnerability http://url4.eu/1jV7s

[0x4] exploitdb: NUs Newssystem v1.02 (id) SQL Injection Vulnerability http://url4.eu/1j9bZ

[0x5] exploitdb: JAD java decompiler 1.5.8g (.class) Stack Overflow DoS http://url4.eu/1j1Zm

[0x6] exploitdb: JAD java decompiler 1.5.8g (argument) Local Crash http://url4.eu/1j1Zn

[0x7] exploitdb: mhproducts kleinanzeigenmarkt search.php SQL Injection http://url4.eu/1j1Zl

[0x8] exploitdb: SQL injection vulnerability in Wild CMS http://url4.eu/1j1Zk

[0x9] exploitdb: Rsstatic SQL Injection http://url4.eu/1j0Xd

[0xA] exploitdb: Subdreamer 2.4.3 and 3.0.1 XSS http://url4.eu/1j0Xe

Smart Security by Dharmesh M Mehta

An Application Security Blog

[0x1] About the 'Rugged' Initiative

[0x2] Plenty of (IN)Secure Broadband Routers

[0x3] Mumbai to Host India’s First e-Crime Forum

[0x4] Latest Phishing Site of ICICI Bank

[0x5] Application security should be addressed in initial SDLC stages

[0x6] Can your Exchange Administrator view your mailbox

[0x7] No Built-In Response.HTMLEncode in Java

[0x8] Dev Tools for Security Testing

[0x9] Botnet Attack Details from Kaspersky

[0xA] Isn't that Impossible?

Zero Day

Tracking the hackers

[0x1] Microsoft plugs dangerous Excel security holes

[0x2] New Microsoft IE zero-day flaw under attack

[0x3] Vodafone HTC Magic shipped with Conficker, Mariposa malware

[0x4] Researchers build 8,000-strong smartphone botnet

[0x5] 'Highly critical' flaw found in Opera browser

[0x6] Energizer battery charger contains backdoor

[0x7] Police arrest Mariposa botnet masters, 12M+ hosts compromised

[0x8] A Special Offer From Our Sponsor

[0x9] Microsoft Patch Tuesday heads-up: 2 bulletins, 8 vulnerabilities

[0xA] Mozilla's Window Snyder heads to Apple

Jeremiah Grossman

A page to show up #1 on Google when searching for "Jeremiah" (Currently #5).
The prophet, TV show, and that pesky Owyang guy going down!

A page to show up #1 on Google when searching for "Jeremiah Grossman", and it FINALLY has!

[0x1] Best of Application Security (Friday, Mar. 5)

[0x2] Best of Application Security (Friday, Feb. 26)

[0x3] Compliance and Habit holding back Application Security

[0x4] Best of Application Security (Friday, Feb. 19)

[0x5] Hey Massachusetts, where is your application security requirement?

[0x6] Infrastructure vs. Application Security Spending

[0x7] Best of Application Security (Friday, Feb. 12)

[0x8] Where's WhiteHat? Re: Scanner Comparisons

[0x9] Best of Application Security (Friday, Feb. 5)

[0xA] Web 2.0 Pivot Attacks

StatCounter Blog

[0x1] StatCounter – SC4 Conversion

[0x2] No Referring Link – Explained

[0x3] Season’s Greetings

[0x4] Unique Visitors – YOUR Questions Answered

[0x5] Unique Visitors – Explained

[0x6] General News

[0x7] Attack of Nasty Ads!

[0x8] StatCounter User Types

[0x9] NEW: Restricted Public Stats

[0xA] Bing Overtakes Yahoo!

BBC News | Technology | World Edition

Get the latest BBC Technology News: breaking news and analysis on computing, the web, blogs, games, gadgets, social media, broadband and more.

[0x1] File-sharing sanctions 'unfair'

[0x2] Mobile phone allows boss to snoop

[0x3] Facebook calls for 'iconic games'

[0x4] Hard drive evolution could hit XP

[0x5] Porn net domain name plan revived

[0x6] Banking fraud 'moves to internet'

[0x7] Nanotech 'fuse' for novel battery

[0x8] Internet access 'a human right'

[0x9] Games migrate to the social side

[0xA] dot.Rory

US-CERT Cyber Security Alerts

US-CERT Cyber Security Alerts provide timely information about current security issues, vulnerabilities, and exploits. Cyber Security Alerts are released in conjunction with Technical Cyber Security Alerts when there is an issue that affects the general public. Cyber Security Alerts outline the steps and actions that non-technical home and corporate computer users can take to protect themselves from attack.

[0x1] SA10-068A: Microsoft Updates for Multiple Vulnerabilities

[0x2] SA10-040A: Microsoft Updates for Multiple Vulnerabilities

[0x3] SA10-021A: Microsoft Internet Explorer Vulnerabilities

[0x4] SA10-013A: Adobe Reader and Acrobat Vulnerabilities

[0x5] SA10-012B: Microsoft Windows and Adobe Flash Player 6 Vulnerabilities

[0x6] SA09-343A: Adobe Flash Vulnerabilities Affect Flash Player and Adobe AIR

[0x7] SA09-342A: Microsoft Updates for Multiple Vulnerabilities

[0x8] SA09-314A: Microsoft Updates for Multiple Vulnerabilities

[0x9] SA09-286B: Multiple Vulnerabilities Affect Adobe Reader and Acrobat

[0xA] SA09-286A: Microsoft Updates for Multiple Vulnerabilities

Unpersons

You are not alone...

[0x1] Episode 032

[0x2] Episode 031

[0x3] We’re not Dead Yet!

[0x4] Episode 030

[0x5] Episode 029

[0x6] Episode 028

[0x7] Episode 027

[0x8] Episodes 27 28 and 29

[0x9] Holy DEFCON, Batman!

[0xA] Holla!

Liquidmatrix Security Digest

Bringing Fire To The Village: Your Source For Computer, Network & Information Security News from Dave Lewis, Security Blogger

[0x1] CSIS Goes Looking For Help

[0x2] Remote Apache Vulnerability Announced

[0x3] Security Briefing: March 8th

[0x4] RSA 2010: Outtakes

[0x5] Security Briefing: March 5th Afternoon Edition

[0x6] RSA Conference 2010: Groundhog Day Panel

[0x7] Security Briefing – March 2nd

[0x8] RSA 2010, Boots On The Ground

[0x9] Google Execs Found Guilty In Italy

[0xA] Security Briefing: February 23rd

CSO Blogs - Physical Security

[0x1] Foreshadowing - Behind Bars Where He Belongs - Adam Perlman

[0x2] Hacker, Cracker, Salafi, Spy - Be There!

[0x3] Joseph Stack, Small Aircraft and al-Qa'eda

[0x4] Connecticut AG files HITECH Act Law Suit…holy IT health records enablement!!

[0x5] CyberTerror - the Arms Race We're Losing

[0x6] High Tech Firms Who Outsource Software Development to China - The Dirty Little Secret

[0x7] Good riddance!

[0x8] $200 Discount for RSA

[0x9] Strategic guidance for applying PCI-DSS tactics.

[0xA] Last Minute Gift Ideas for the Security Professional in Your Life

Securityvulns exploits channel

Securityvulns exploits newsline

[0x1] sudo-xpl.sh

[0x2] easyftp.py

[0x3] operaex.html

[0x4] iMailDecrypt.py

[0x5] nautiluspoc.tar.gz

[0x6] cmsd_exploit.c

[0x7] 360secex.c

[0x8] serversman.py

[0x9] Rising0day.cpp

[0xA] server.c

Internet Security News and Analysis

News, commentary and analysis on the threat to our Internet-based infrastructures and to your home computer. Track trends in the cyber threat and stay up to speed on the latest measures you can take to stop the threat to your systems.

[0x1] MSNBC - Cyber attacks on corporations are rising

[0x2] Big Security Guns Should Aim Carefully at Adware, Spyware

[0x3] Ten Not-So-Simple Rules for Using the Internet

[0x4] Networks and Netwars: The Future of Terror, Crime, and Militancy

[0x5] Hackers poison DNS

[0x6] Boston.com / Business / Payroll website still not secured

[0x7] Hackers invaded state Web sites 72 times in five years

[0x8] Hackers invaded state Web sites 72 times in five years

[0x9] Cyber warriors anticipate center

[0xA] Adware maker joins federal privacy board

Black Hat Announcements

Black Hat Digital Self Defense. Black Hat provides cutting edge content in the information and computer security field. Keep up to date with Black Hat presentations, announcements, and free content.

[0x1] Black Hat USA 2010 Training: Application Security: For Hackers and Developers

[0x2] Black Hat USA 2010 Training: Assaulting IPS

[0x3] Free Black Hat March Webcast - Pen Testing the Web with Firefox by Michael Schearer ("theprez98")

[0x4] Black Hat USA 2010 Registration Now Open!

[0x5] Black Hat USA 2010 Call for Papers Closes May 1

[0x6] Black Hat Europe 2010 Call for Papers Closes March 1

[0x7] Feb 18 Webcast

[0x8] Black Hat DC 2010 - News - Security chip that does encryption in PCs hacked

[0x9] Black Hat DC Keynote

[0xA] Black Hat Europe 2010 Registration Now Open

Latest Analysis for All Threats

[0x1] Monthly Malware Statistics: February 2010

[0x2] Patching human vulnerabilities

[0x3] Spam evolution: January 2010

[0x4] Kaspersky Security Bulletin 2009. Malware Evolution 2009

[0x5] Kaspersky Security Bulletin: Spam Evolution 2009

[0x6] Kaspersky Security Bulletin 2009. Statistics, 2009

[0x7] Monthly Malware Statistics: January 2010

[0x8] Spam evolution: December 2009

[0x9] Monthly Malware Statistics: December 2009

[0xA] Spam evolution: November 2009

ARN Security

ARN Security

[0x1] Microsoft warns of new IE bug; attacks under way

[0x2] Kaspersky invents security suite for 'expert' user

[0x3] Online security questions are too easy to answer

[0x4] US lifts Iran, Sudan, Cuba Internet services export ban

[0x5] Internet hit by wave of ransom malware

[0x6] AVG (AU/NZ) kickstarts new reseller commission program

[0x7] RSA extends security tools to VMware

[0x8] Microsoft plans to patch 8 Windows, Office bugs next week

[0x9] FBI embeds cyber-investigators in Ukraine, Estonia

[0xA] Source code management a weak spot in Aurora attacks

Subreption Blog

A surreptitious look over the work of an innovative startup.

[0x1] Why Linux security has failed (for the past 10 years)

[0x2] KERNHEAP for the Linux kernel 2.6 released

[0x3] Runtime binary loading via the dynamic loader on Apple Mac OS X

[0x4] Minor security fixes for Pyblosxom

[0x5] Apple Mac OS X 10.4 temp_patch_ptrace(): Nonsense in kernel-land

[0x6] Linux Kernel Silent Patching: VMI write_ldt_entry() privilege escalation

[0x7] Custom shellcode and return-to-libc on Mac OS X

[0x8] Marshal and Native API bridging on Microsoft Windows (NT)

[0x9] Pyblosxom and mod_wsgi benchmark

[0xA] PatchDiff 2 by Tenable Security

Lenny Zeltser's Website

Lenny Zeltser's publications, research, and projects related to information security, risk management, business, and life in general.

[0x1] Critical Log Review Checklist for Security Incidents

[0x2] 5 Steps to Building a Malware Analysis Toolkit Using Free Tools

[0x3] SANS Malware Course Now Covers Analysis of Malicious Documents and Memory Forensics

[0x4] Interview on InfoSec Daily Podcast

[0x5] Analyzing Malicious Documents Cheat Sheet

[0x6] What to Include in a Malware Analysis Report

[0x7] Free Online Tools for Looking Up Potentially Malicious Websites

[0x8] Public Blocklists of Suspected Malicious IPs and URLs

[0x9] Free Automated Malware Analysis Services

[0xA] What to Include in a Malware Analysis Report

The RISKS Digest

The website of the RISKS mailing list

[0x1] Growing Threat to GPS Systems From Jammers

[0x2] Sat-nav systems under growing threat from 'jammers'

[0x3] More on Risks of EMV Legacy Compatibility

[0x4] Self-Signed Certificates Strike Again?

[0x5] Facebook friended, boyfriend offended, tragically ended

[0x6] Google: Serious threat to the web in Italy

[0x7] Fault-Tolerance as a Risk

[0x8] School District Spying on Students at Home?

[0x9] A Message from Ric Edelman about data lost

[0xA] Nationwide Technetium shortage: coinciding reactor failure/maintenance

nixCraft Linux Sys Admin Blog

This is a Linux sys admin journal by Vivek about sys admin work, Linux tips & tricks, hacks, news and more.

[0x1] Top 20 Nginx WebServer Best Security Practices

[0x2] Arrrggg: Open Source Users Are Pirates

[0x3] Download of the day: GNU/Linux Advanced Administration PDF Book

[0x4] 10 Greatest Open Source Software Of 2009

[0x5] HowTo: Create sar Graphs With kSar [ Identifying Linux Bottlenecks ]

[0x6] Google Public DNS Servers Launched

[0x7] nixCraft FAQ PDF Collection Now Available To All

[0x8] FreeBSD 8.0 Review: Enterprise Ready Server Operating System

[0x9] Download Fedora 12 CD / DVD ISO

[0xA] Linux / Windows Application For Prevention Of RSI (Repetitive Strain Injury)

Christopher Mills

A place for stuff I write.

[0x1] That Shrimp Damn Near Melted My Face Off

[0x2] Today is cookie-baking day

[0x3] New Direction For This Blog

[0x4] Article: The Best Way To Remediate

[0x5] Installing and Configuring suPHP on CentOS 5.3

[0x6] Common Remediation Owner Enumeration (My Faux Standard In Development)

[0x7] Getting the data from the DB into the PHP Classes

[0x8] PHP Class for Calculating SCAP CVSS V2 Device Specific Score

[0x9] PHP Class for Getting all the SCAP Details

[0xA] How I store my Data

Sun Bloggers

Welcome to Blogs.sun.com! This space is accessible to any Sun employee to write about anything.

[0x1] Kinamik Data Integrity secures Solaris audit trails

[0x2] The Web 2.0 Identity Problem: Who are you really?

[0x3] MySQL University: Securich - Security Plugin for MySQL

[0x4] Running a secure application in Glassfish Embedded Server

[0x5] Securing Web Service using Secure Token Service

[0x6] Announcing XML Signature 1.1 and Signature Properties Last Call

[0x7] OpenOffice.org 3.2 available - a highly recommended update

[0x8] New Security Features in Glassfish v3 (Java EE 6) - Part III

[0x9] Important new features in latest PatchFinder release

[0xA] GlassFish ESB v2.x - Reading and Writing arbitrary SOAP Headers in BPEL 2.0 using NMProperties

Search Engine Watch Discussion Forums

Search Engine Watch Forums

[0x1] anyone can review my website?

[0x2] Google Mess search results

[0x3] 301 Permanent Redirection

[0x4] Hello world

[0x5] Search Marketing Desktop tool out of beta

[0x6] What do you seek in a PPC management tool?

[0x7] Google analytics and multiple sites

[0x8] Utilizing subdomains pointing to internal site structure.

[0x9] Expired Domain -Kills Quality Score on Adwords- How Do We Rescue site?

[0xA] on site search

CSOONLINE.com - Identity Theft

[0x1] Delayed Again: Red Flags Rule Deadline Now June 1, 2010

[0x2] A Look At Stolen Hotmail Data Finds Simple Passwords

[0x3] School Boards Hit with Cash-Stealing Trojan

[0x4] News Flash: Data Debauchery That Happens in Vegas Doesn't Stay There

[0x5] Hacker Gonzalez Pleads Guilty to 20 Charges

[0x6] SQL injection Attacks Led to Heartland, Hannaford Breaches

[0x7] Mass. Makes Changes to ID Theft Regulations

[0x8] LexisNexis Warns of Breach After Alleged Mafia Bust

[0x9] Report: Social Security Numbers Easy to Guess

[0xA] Seven Deadly Sins of Social Networking Security

CSOONLINE.com - Disaster Recovery

[0x1] Massive Storms Don't Halt D.C. IT Ops

[0x2] DDoS Returns: What Researchers Are Learning About Targets, Tactics

[0x3] Disaster in Haiti: Advice for Employees and Operations on the Ground

[0x4] Chemical Spill Response: How Dow is Training Small Town America to Handle Hazmat Emergencies

[0x5] Business Continuity and Disaster Recovery in a Tornado Zone

[0x6] Symantec: Disaster Recovery Pressures Mount for Business

[0x7] Survey: Business Continuity Plans Factor in Mobile, Social Networking

[0x8] Swine Flu: What Exactly Does Phase 5 Mean?

[0x9] Swine Flu: To Fear is to Fail

[0xA] Swine Flu: How to Make Biz Continuity Plans

(IN)SECURE Magazine Notifications RSS

Notifications of new (IN)SECURE Magazine issues.

[0x1] (IN)SECURE Magazine Issue 24

[0x2] (IN)SECURE Magazine Issue 23

[0x3] (IN)SECURE Magazine Issue 22

[0x4] (IN)SECURE Magazine Issue 21

[0x5] (IN)SECURE Magazine Issue 20

[0x6] (IN)SECURE Magazine Issue 19

[0x7] (IN)SECURE Magazine Issue 18

[0x8] (IN)SECURE Magazine Issue 17

[0x9] (IN)SECURE Magazine Issue 16

[0xA] (IN)SECURE Magazine Issue 15

CSOONLINE.com - Strategic Planning

[0x1] The Myth of Convergence

[0x2] Minimize Risk by Maximizing Accountability

[0x3] The Cloud Security Survival Guide

[0x4] Federal Data Security Law: 'Careful What You Wish For'

[0x5] Survey Says More Companies Hiring CSOs, Holding Steady on Spending

[0x6] The Seven Deadly Sins of Security Policy

[0x7] 7 Ways Security Pros DON'T Practice What They Preach

[0x8] No Excuses: Managing Operational Risk

[0x9] How to Succeed in a Two-Faced IT Security Job Market

[0xA] Surviving Layoffs: Five Career Lessons from the Security Trenches

chandanlog(3C)

Chandan's blog

[0x1] Fast Forward in Time: Flower Bloom

[0x2] Desktop OS for Personal Computing

[0x3] Netbooks and the end of the Laptop Decade

[0x4] Home Theater Architecture

[0x5] Can you lend me your iPhone for a minute?

[0x6] Doing the same thing again and expecting different results

[0x7] To prevent auto-reply e-mails

[0x8] Secure your Wi-Fi networks now!

[0x9] Notes from the 20th FIRST conference in Vancouver

[0xA] In the heart of Europe

leetupload.com

NewsFeed for leetupload.com

[0x1] New Tutorial - How the Microprocessor Works

[0x2] Famous - Copper Heatsink/Wine Chiller Idea on engadget and Hack a Day!

[0x3] Copper Heatsink on the Rocks Mod Finished

[0x4] Another Tutorial - Technical Practical Jokes

[0x5] New Tutorial - Campus WarWalking

[0x6] IRC Up For Use, and IRC Java Client is Here to Stay!

[0x7] VIRII AND EXPLOIT DATABASE IS UP!

[0x8] Updates

[0x9] Mineral Oil PC, Woot!

[0xA] Signing up for the Virii DB = Great Success, Very Nice!

LinuxSecurity.com: SuSE Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Review: Mod-Security 2.5 by Magnus Mischel

[0x3] SuSE: 2010-016: Linux kernel

[0x4] SuSE: 2010-015: Mozilla Firefox

[0x5] SuSE: 2010-014: Linux kernel

[0x6] SuSE: Linux kernel

[0x7] SuSE: Linux kernel

[0x8] SuSE: postfix

[0x9] SuSE: Linux kernel

[0xA] SuSE: Linux kernel

Information Security Resources

Part of the Infosec Island ™ Network

[0x1] Tracking Google’s Script Kiddie Hackers

[0x2] Newbie Introduction to Digital Forensics Part 2

[0x3] Simple Log Review Checklist Released

[0x4] Press F1 for Help? Microsoft Zero Day Threat!

[0x5] A Newbie’s Introduction to Digital Forensics

[0x6] Security Best Practice: Trust But Verify…

[0x7] Google, Adobe, and Big Oil Under Attack!

[0x8] Building your OWN Malware Lab (Part 2)

[0x9] How Twitter Spam Steals From Google, Yahoo!

[0xA] Tech Stocks Week in Review Featuring iPad

Aladdin Knowledge Systems Latest eToken Press Releases

Aladdin Knowledge Systems Latest eToken Press Releases - RSS Feed

[0x1] Ontario's York Regional Police Meet Canadian Government Regulations with Aladdin eToken

[0x2] Russian Bank Secures Online Banking with Aladdin Authentication

[0x3] Aladdin eToken Solidifies Its Position in Government Sector on Carahsoft GSA Schedule

[0x4] Aladdin eToken and Aladdin SafeWord are Verified as Citrix Ready

[0x5] Aladdin and Wyse Partner to Secure Virtual Desktops

[0x6] Korea's Largest Bank Deploys 5,000 Aladdin eToken Authentication Devices

[0x7] Aladdin Secures Transactions for China's Largest Online Financial Information and Services Provider

[0x8] Aladdin eToken Debuts New Generation of Strong Authentication Solutions

[0x9] Toronto-Area Police Secure Data and Meet CPIC Regulations with Aladdin eToken

[0xA] Secure Computing Named Reader Trust Finalist in SC Magazine Award Program and Best of 2006 in Three Categories

CSOONLINE.com - Federated IDM

[0x1] Social Networking a Tool for More Secure Identity Management? No Joke!

[0x2] News Flash: Data Debauchery That Happens in Vegas Doesn't Stay There

[0x3] Why Security Pros Hate Microsoft SharePoint (and What to Do About It)

[0x4] Federated ID: An Idea Whose Time Never Came?

[0x5] Identity Management: Implementation Dos and Dont's

[0x6] Identity Management: Critical Components

[0x7] An Introduction to Identity Management

[0x8] Strong Authentication for Online Banking: Success Factors

[0x9] Thinking of Doing Federated Identity Management?

[0xA] The Truth About Federated Identity Management

InfoSecPodcast.com

Information Security related news, opinions and ramblings

[0x1] How-to on securing PDF documents

[0x2] Updating my feed location…thanks Google

[0x3] Most dangerous keywords to search for

[0x4] MIT Lincoln Lab Network Security Software

[0x5] 3 open InfoSec positions at MIT Lincoln Laboratory

[0x6] NAC Panel Discussion: What is the state of NAC?

[0x7] Record IM video on the network?

[0x8] WoW adds 2 factor authentication

[0x9] New blog theme

[0xA] Twitter + Security = Security Twits

Zend Developer Zone (DevZone) - Advancing the art of PHP

advancing the art of PHP. Best practices, samples, articles, news, and community for PHP 4, PHP 5, and beyond.

[0x1] DZone.com: Q&A with Jason Gilmore: The Zend Framework

[0x2] Ben Scholzen's Blog: Modern Application Design - Part 1

[0x3] Matthew Weier O'Phinney's Blog: Responding to Different Content Types in RESTful ZF Apps

[0x4] Do you queue? Introduction to the Zend Server Job Queue

[0x5] Creating Scalable Vector Graphs with PHP

[0x6] Michael Kimsal's Blog: Zend Framework and Doctrine integration - autoloading of doctrine models

[0x7] Rob Allen's Blog: Zend Framework, IIS and 500 errors

[0x8] System i Network's IBM i Essentials 2010 Virtual Conference will feature PHP!

[0x9] How to avoid Identity Theft in Zend Framework with Zend Auth

[0xA] Juozas Kaziukenas' Blog: Don't be afraid of PHP 5.3

kuro5hin.org

technology and culture, from the trenches

[0x1] Ogg Frog Magazine #6

[0x2] The Secret: A Review of Dulcinea Technologies Corporation's Debut Product

[0x3] Cars, Value Engineering, and Bugs

[0x4] Hopeless romantic Chinese Ph.D candidate arrested

[0x5] The Jarmidor, Part 3

[0x6] 15 Yards: The Unsportsmanlike Tax Evasion of the NFL

[0x7] Obama The First Year

[0x8] Our Trip to Cuba

[0x9] Applying the First Amendment to Corporations: Well established and a good idea

[0xA] Tweaking K5

PCI Security Standards Council News

Latest press releases from PCI SSC

[0x1] Bruce Rutherford Named New PCI Security Standards Council Chairperson

[0x2] PCI Security Standards Council Launches Global Website With New Resources In Eight Languages

[0x3] PCI Security Standards Council Opens Ask The Council Webinar To All

[0x4] PCI Security Standards Council Enters Next Phase of Data Security Standards Development

[0x5] PCI Security Standards Council Provides Best Practices For Skimming Prevention

[0x6] PCI Security Standards Council Wireless Special Interest Group Publishes New Giude to Wireless Security

[0x7] PCI Security Standards Council Appoints Lead Trainer

[0x8] PCI Security Standards Council Invites Collaboration On Next Generation Security Standards

[0x9] PCI Security Standards Council Announces New Board Of Advisors

[0xA] PCI Security Standards Council to Hold First Standards Training Session in Asia Pacific

Securosis Blog

Main Securosis Blog

[0x1] Incite 3/9/2010 - Ten Reasons I Love the RSAC

[0x2] Is It Wireless Security or Secure Wireless?

[0x3] SecurosisTV: Low Hanging Fruit - Endpoint Security

[0x4] RSA Tomfoolery: APT is the Fastest Way to Identify Fools and Liars

[0x5] Securosis at RSA Conference 2010

[0x6] FireStarter: Will Social Media Kill the Conference Star?

[0x7] RSAC 2010 Guide: Compliance

[0x8] Friday Summary: February 26, 2010

[0x9] RSAC 2010 Guide: Security Management

[0xA] Retro Buffoonery

Cisco Learning Home : All Content - Security

All Content in Security

[0x1] ASA vs PIX

[0x2] Cisco WCCP Security

[0x3] ASA - Inspect ICMP with PMTUD

[0x4] ASA Guidelines - VLANS

[0x5] IPv6 security concerns

[0x6] VPN Client

[0x7] Some Questions on ISCW

[0x8] Security Specialist Certifications

[0x9] Cisco ASA 5550 Best Guide/Book

[0xA] is it possible to create VPN connection using one subnet?

Moreover Technologies - Computer security news

Computer security news - more than 340 categories of real-time RSS news feeds

[0x1] Trading Stocks Made Easy - Sponsored Link

[0x2] Twitter to begin screening some links for phishing

[0x3] Slater & Gordon director has 1.99m shares released from escrow

[0x4] Twitter fights back against phishing scams

[0x5] Betty Mould Iddrisu Is No Trojan Horse

[0x6] Twitter to screen links for phishing scams

[0x7] Vodafone UK reassures HTC Magic users over virus claims

[0x8] McAfee Warns Consumers On Fake Scam

[0x9] Exclusive: Vodafone UK reassures HTC Magic users over virus claims

[0xA] Hackers target freshly uncovered Internet Explorer hole

CSOONLINE.com - Compliance

[0x1] Five Security Missteps Made in the Name of Compliance

[0x2] PCI DSS, Come Forward and Be Judged

[0x3] Compliance as Security: The Root of Insanity

[0x4] 4 Cheap Options to Monitor Networks for Evidence

[0x5] The Mass. 201 CMR 17 Survival Guide

[0x6] PCI DSS: No Angel, But Certainly Not the Devil

[0x7] Federal Data Security Law: 'Careful What You Wish For'

[0x8] Analyst: PCI Security a Devil, 'Like No Child Left Behind'

[0x9] Delayed Again: Red Flags Rule Deadline Now June 1, 2010

[0xA] IT Security Outsourcing in Decline; Companies Do More In-house

US-CERT Current Activity

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

[0x1] Microsoft Releases March Security Bulletin

[0x2] Energizer DUO USB Battery Charger Software Allows Remote System Access

[0x3] Cisco Releases Multiple Security Advisories

[0x4] Microsoft Releases Advance Notification for March Security Bulletin

[0x5] U.S. Census Bureau 2010 Census Campaign Warning

[0x6] Microsoft Re-Releases Security Bulletin MS10-015

[0x7] Microsoft Releases Security Advisory to Address VBScript Vulnerability

[0x8] Adobe Releases a Security Update for Download Manager

[0x9] Mozilla Releases Security Advisories

[0xA] Cisco Releases Multiple Security Advisories

SearchSoftwareQuality: Software quality news and advice

News, analysis and technical advice about securing applications and Web services.

[0x1] Software project manager perspective: The components of successful application development

[0x2] Software requirements gathering techniques

[0x3] Making unit testing a priority

[0x4] Excelling in Agile software development, testing and quality tutorial

[0x5] Top-notch tools for your software project manager toolbox

[0x6] Agilists share product owner stories on Scrum and Agile

[0x7] New fuel to the Agile ALM solution fire from Version One

[0x8] The Agile way, who can do it and who can't?

[0x9] Agile project estimation guided by expert Mike Cohn

[0xA] Scrum Master or Scrum project management, is there a difference?

CSOONLINE.com - Investigations/Forensics

[0x1] Reports: Internet Attacks Traced to Chinese Schools

[0x2] How to Visualize Investigations

[0x3] Internal Investigations: The Basics

[0x4] How to Protect Your Privacy from Computer Forensics

[0x5] The Digital Trail of the Maltese Falcon: Private Investigations in the Information Age

[0x6] 4 Cheap Options to Monitor Networks for Evidence

[0x7] Family Matters: A Mafia Quiz

[0x8] How to Build Your Own Digital Forensics Lab - for Cheap

[0x9] Tools To Identify Anonymous Users Online

[0xA] An Investigator's Toolkit: 5 Free Tools to Send Anonymous Messages

FaberBrent Security Blog

Security risk resilience TSCM debugging security news corporate espionage counter surveillance covert investigations counter terrorism ITSEC Bug sweeping

[0x1] The birth of the mobile phone and PCI payment

[0x2] Nearly half of Brits use the same password for all accounts

[0x3] $27 billion lawsuit could fold due to $50 covert surveillance device

[0x4] Shocking - The DWP do not keep records of how many times your data has been abused

[0x5] Met Police report shows CCTV costs £20,000 per single conviction - how many would an extra officer get per year?

[0x6] Charity offices bugged

[0x7] Mobile-phone handset complexity - the criminals friend.

[0x8] The security lessons from Britian's largest jewellery robbery

[0x9] Labour MP and Dutch VIP's suffer website data leaks found by a Google search

[0xA] Black-hatter shows how to utilise memory in Apple keyboard to create a hardware key-logger

Virtual Shadows has MOVED!

[0x1] Virtual Shadows is MOVING!

[0x2] Hacking programmable road signs

[0x3] David Lacey likes my book!

[0x4] Censoring your blog

[0x5] Book launch on Monday Central London

[0x6] ouch ....

[0x7] Achieving miracles when times are tough

[0x8] The book arrived on Tuesday

[0x9] Your iPhone as a wind instrument!

[0xA] China's Net Nannies have been busy

The RISKS Forum

Peter G. Neumann moderates this regular digest of current events which demonstrate risks to the public in computers and related systems. Security risks are often discussed.

[0x1] Risks Digest 25.95

[0x2] Risks Digest 25.94

[0x3] Risks Digest 25.93

[0x4] Risks Digest 25.92

[0x5] Risks Digest 25.91

[0x6] Risks Digest 25.90

[0x7] Risks Digest 25.89

[0x8] Risks Digest 25.88

[0x9] Risks Digest 25.87

[0xA] Risks Digest 25.86

Identity Theft Blog

Welcome to the most progressive identity theft blog which includes original identity theft articles, identity theft tips, and identity fraud victim solutions.

[0x1] Identity Theft Seminar

[0x2] Stolen Social Security

[0x3] Affluent Wealthy

[0x4] Digital Love

[0x5] Yahoo Email Account

[0x6] Identity Management Careers

[0x7] Company Identity Theft

[0x8] Medical Identity Theft

[0x9] Red Flags Rules

[0xA] Automatic Card Reload

Betanews

Technology News and IT Business Intelligence

[0x1] Google Maps now generates bike routes

[0x2] Google unveils its cloud-based Apps Marketplace, wants 20% revenue share

[0x3] Samsung launches its eReader, connects with Barnes & Noble

[0x4] Get your glasses ready: Samsung soars into the third dimension

[0x5] American cities fight for Google's attention

[0x6] Almost #3 now: Dell's decline is Acer's gain

[0x7] That wasn't supposed to happen: IE usage share steady since choice screen

[0x8] Sony proves PS3 is still a movie machine with HD content from all major studios

[0x9] Samsung reveals just how expensive 3D in the home is going to be

[0xA] Welcome back to the big leagues: Opera denies severity of 10.5 exploit

TheAppleBlog

TheAppleBlog, published by and for the day-to-day Apple user, is a prominent source for news, reviews, walkthroughs, and real life application of all Apple products.

[0x1] Analyst: iPhone to Overtake BlackBerry in 2011

[0x2] You Look Ridiculous: The Other Augmented Reality Issue

[0x3] Why Apple Should Buy Adobe

[0x4] First Look: FileMaker Pro 11

[0x5] Analyst: Apple “Disrupting” iPhone Competitors With Legal Threats

[0x6] Not Every iPhone Apple App to Get the iPad Treatment

[0x7] Apple’s iTunes LP 6 Months Later: LP What?

[0x8] My iPad Wish List: 10 App Requests

[0x9] Microsoft Courier Shaping Up as a Truly Novel iPad Competitor

[0xA] Apple at the Oscars

CSOONLINE.com - Industry

[0x1] RSA Conference 2010 and Security B-Sides Recap

[0x2] Listening In

[0x3] RSA Conference 2010: 4 Survival Tips

[0x4] Security B-Sides: Rise of the 'Anti-conference'

[0x5] How to Make Things Worse With IT Security Technology

[0x6] Meeting of the Minds

[0x7] Clearing The Cloud 3: Some Security What-ifs

[0x8] Schmidt Tapped as White House Cybersecurity Coordinator

[0x9] Ten 2010 IT Security Predictions, Part 2: Schmidt and ICSA Labs

[0xA] 10 Predictions for 2010: Kaminsky and Weatherford

Linux Exposed

The Linux Security and hacking Resource

[0x1] Hosted Exchange and Hosted Sharepoint

[0x2] Inspecting HTTP

[0x3] Windows Hacking and Windows Security Site

[0x4] Cracking WPA and WPA2 passwords

[0x5] Ilegal SEO techniques

[0x6] Torrents and SSH Tunnels

[0x7] Preventing Accidental Denial of Service

[0x8] Enhance Security with Port Knocking

[0x9] Analyzing Malicious SSH Login Attempts

[0xA] Formatstrings and OpenBSD

Infosec Writers Latest Security Papers

Papers submitted by security professionals are published on the site and archived for readers. Categories include cryptography, E-mail security, exploitation, firewalls, forensics, honeypots, IDS, malware & wireless security.

[0x1] The Phishing Guide

[0x2] Shedding Light on Quantum Cryptography

[0x3] Securing a Virtual Environment

[0x4] Investigating the SANS/CWE Top 25 Most Dangerous Programming Errors List

[0x5] Hacking Tools & Techniques and How to Protect Your Network from Them

[0x6] Computer Forensics: Breaking Down the 1’s and 0’s of Cyber Activity for Potential Evidence

[0x7] Steps Involved in Exploiting a Buffer Overflow Vulnerability using a SEH Handler

[0x8] Exploring Below the Surface of the GIFAR Iceberg

[0x9] Anatomy of an XSS Attack

[0xA] Failed: Information Security and Data Protection in a Consumer Digital World

Packet Storm Security Tools

Packet Storm Last 10 Tools

[0x1] gnupg-2.0.15.tar.bz2

[0x2] fwbuilder-4.0.0.tar.gz

[0x3] tor.uclibc.i686.20100309.iso

[0x4] reverberation.c

[0x5] Ravage.zip

[0x6] reglookup-0.12.0.tar.gz

[0x7] khc_0.2.tar.gz

[0x8] geoipgen-0.4.tar.gz

[0x9] nessus-xmlrpc-0.3.tar.gz

[0xA] openssh-5.4p1.tar.gz

TippingPoint Upcoming Events

Upcoming conferences, tradeshows and Webcasts/podcasts where TippingPoint is participating.

[0x1] Orlando Tech-Security Conference - Thurs., December 17, 2009

[0x2] SANS CDI East 2009 - Monday, December 14, 2009

[0x3] Network World IT Roadmap San Francisco - Thurs., December 10, 2009

[0x4] Sacramento Tech-Security Conference - Thurs., December 10, 2009

[0x5] Atlanta Tech-Security Conference - Thurs., November 19, 2009

[0x6] Milwaukee Tech-Security Conference - Thurs., November 12, 2009

[0x7] Dallas SecureWorld Expo - November 4-5, 2009

[0x8] Educause 2009 (Booths #752, 754) - Nov. 3-5, 2009

[0x9] Seattle SecureWorld Expo - October 28-29, 2009

[0xA] Pittsburgh Tech-Security Conference - Thurs., November 5, 2009

My Security Blog

Security Chronicles By Umesh Thota

www.secureblog.net

[0x1] Must Have Security Solutions (for free)

[0x2] Goolag Scanner Released!

[0x3] Change DNS ? for a Safer, Faster Online Experience

[0x4] New Theme (*Garland)

[0x5] Iconix eMail ID!

[0x6] SQL Injection Scanner

[0x7] Symantec confirms vulnerability in antivirus software

[0x8] Symantec Anti Virus Software Flawed !!!

[0x9] Security in the CLR World Inside SQL Server

[0xA] New Yahoo IM Worm Poses as 'Safety' Browser

lkml.org :

lkml.org - the realtime linux kernel mailinglist archive

[0x1] Re: [PATCH -mm] ssb: open-code dma_alloc_coherent

[0x2] Re: [PATCH -mm] ssb: open-code dma_alloc_coherent

[0x3] [PATCH] ssb: Fix CONFIG_SSB_SDIOHOST typo

[0x4] Re: [PATCH] strcmp: fix overflow error

[0x5] Re: 64-bit DMA problems with BCM4312 using b43

[0x6] Re: CVE-2009-2584

[0x7] Re: pull request: wireless-next-2.6 2009-10-28

[0x8] Re: pull request: wireless-next-2.6 2009-10-28

[0x9] Re: [Bug #14278] New message "NOHZ: local_softirq_pending 08" at e ...

[0xA] Re: NOHZ: local_softirq_pending 08

InternetNews Realtime News for IT Managers

All the top news, features, analysis and insight into enterprise and Internet technology, geared for IT managers and delivered by the best in the industry.

[0x1] U.S. Eyes Path to Press China on Internet Policy

[0x2] Is Windows 7 Service Pack Coming in Q4?

[0x3] Microsoft-Sponsored CodePlex Moves Ahead

[0x4] Microsoft Offering Software, Training for Vets

[0x5] Microsoft Patch Tuesday Includes IE Warning

[0x6] Apple's Flash Feast Could Crimp SSD Sales

[0x7] Apple Seen Gearing Up for More Patent Fights

[0x8] Symantec Tackles Mobile Security

[0x9] Microsoft: Windows Phone 7 More Than an OS

[0xA] Hackers Check Into Wyndham Hotels' Network

SecuraBit

A show for security professionals.

[0x1] SecuraBit EP51 - Malware Detection With Sunbelt Software

[0x2] Shmoocon 2010 Podcasters Meetup - NSFW!!!!!!

[0x3] SecuraBit Episode 50: Interview with Rob Lee!

[0x4] SecuraBit Episode 49: ConFoo.ca!

[0x5] SecuraBit Episode 48: Shmoocon (The Big Cheese) and PhoneFactor!

[0x6] SecuraBit Episode 47: Double Dutch!

[0x7] SecuraNibble Episode 03 - Security Hour on IMP

[0x8] SecuraBit Episode 46 â Making a Faster and Safer Web with Billy Hoffman

[0x9] SecuraBit Episode 45 â More on DOJOCON

[0xA] SecuraBit Episode 44 - Dennis Hurst and Movember!

AVG News

News & Press Releases

[0x1] AVG Technologies Scoops Up Security Industry Awards

[0x2] AVG Technologies’ Summer of Success

[0x3] Social Networking Poll Shows Users More Vulnerable Than Ever

[0x4] AVG Broadens Channel Reseller Program with Ingram Micro

[0x5] AVG LinkScanner Is Making the Internet Clean and Safe, A Half Million Computers At A Time

[0x6] AVG Technologies Receives Yet Another Virus Bulletin 100 Certification

[0x7] AVG Launches Free Protection Against Online Threats

[0x8] AVG Introduces Streamlined, Highly-Scalable Anti-Malware for Linux

[0x9] AVG Technologies opens Internationals Research Centre

[0xA] AVG Technologies is Double Winner of 2009 Global Excellence Awards

Google Online Security Blog

The latest news and insights from Google on security and safety on the Internet.

[0x1] Federal Support for Federated Login

[0x2] More Information about Malware Details

[0x3] Do machines dream of electric malware?

[0x4] Best Practices for Verifying and Cleaning up a Compromised Site

[0x5] Protecting Users and Ads from Malware

[0x6] Show Me the Malware!

[0x7] The Malware Warning Review Process

[0x8] Malware Statistics Update

[0x9] Ask the Google Anti-Malware Team

[0xA] Improving web browser security

Secu.be

Secu.be

[0x1] Network World on Security: Practical priorities in PCI DSS logging

[0x2] Network World on Security: Indian banker charged with online funds fraud

[0x3] Network World on Security: Twitter to begin screening some links for phishing

[0x4] Moreover Technologies - Computer security news: Twitter to begin screening some links for phishing

[0x5] Moreover Technologies - Computer security news: Slater & Gordon director has 1.99m shares released from escrow

[0x6] Moreover Technologies - Computer security news: Twitter fights back against phishing scams

[0x7] Moreover Technologies - Computer security news: Betty Mould Iddrisu Is No Trojan Horse

[0x8] Moreover Technologies - Computer security news: Twitter to screen links for phishing scams

[0x9] Moreover Technologies - Computer security news: Vodafone UK reassures HTC Magic users over virus claims

[0xA] Moreover Technologies - Computer security news: McAfee Warns Consumers On Fake Scam

National Vulnerability Database

This feed contains the most recent fully analyzed CVE cyber vulnerabilities published within the National Vulnerability Database.

[0x1] CVE-2010-0946 (com_ksadvertiser)

[0x2] CVE-2010-0945 (com_hotbrackets)

[0x3] CVE-2010-0944 (com_jcollection)

[0x4] CVE-2010-0943 (com_jashowcase)

[0x5] CVE-2010-0942 (com_jvideodirect)

[0x6] CVE-2010-0941 (etek_systems_hit_counter)

[0x7] CVE-2010-0940 (simple_php_guestbook)

[0x8] CVE-2010-0939 (abb_forum)

[0x9] CVE-2010-0938 (todoo_forum)

[0xA] CVE-2010-0937 (visualization_library)

Symantec Security Response Podcasts

Listen online, download to your computer, or subscribe and get the latest information automatically.

[0x1] Search Engine Poisoning

[0x2] Symantec Security Response Profile: Zulfikar Ramzan

[0x3] ISTR XIV - Phishing and Spam in the Economic Downturn

[0x4] ISTR XIV - Financially Motivated Malicious Code Development

[0x5] ISTR XIV - Web-Based Attacks

[0x6] e-Discovery Virtual Roundtable: Email & Web 2.0

[0x7] Symantec Report on the Underground Economy

[0x8] Norton AntiVirus 2009 and Norton Internet Security 2009 Product Overview

[0x9] Internet Security Threat Report Volume 13: Phishing Trends

[0xA] Internet Security Threat Report Volume 13: Maturation of Underground Economy Servers

Data center news from Network World Fusion

The latest data-center news and analysis from NetworkWorld.com.

[0x1] Cisco exec touts new core router's 100G Ethernet, energy efficiency

[0x2] Sentilla's energy management tool gets chargeback feature

[0x3] Data centers tackling cyber terrorism, slowly

[0x4] Group seeks to open source data-center design

[0x5] Microsoft envisions ultra-modular data centers

[0x6] Samsung unveils energy-saving line

[0x7] Microsoft at last releases famed Red Hat/Linux virtualization drivers

[0x8] Modular Data Centers: A Fast, Secretive Option Spreads

[0x9] Recession shifts IT service management into fast lane

[0xA] 40/100G Ethernet needed, but too pricey

SearchSecurity: Security Wire Daily News

The latest information security news on IT threats, vulnerabilities and market trends from the award-winning SearchSecurity.com.

[0x1] Microsoft repairs Excel flaws, warns of new IE vulnerability

[0x2] Botnets, malware and capturing cybercriminals

[0x3] VeriSign on DNSSEC support

[0x4] FBI asks for more private-sector help reporting cybercrime cases

[0x5] At RSA Conference, experts dismiss end-to-end encryption claims

[0x6] Experts laud IPS virtual patching, but warn against misuse

[0x7] Microsoft to address eight security vulnerabilities in Windows, Office

[0x8] Medical identity fraudsters target health care info, experts say

[0x9] Trustwave seeks SIEM technology upgrade with Intellitactics deal

[0xA] PCI tokenization push promising but premature, experts say

Headquarter, Linux, Network security and research

[0x1] Security threats Toolkit

[0x2] Unusual disk latency: The other day I met a friend and between...

[0x3] Untangle 7.1

[0x4] Lynis 1.2.9

[0x5] Wireshark 1.2.5

[0x6] Multiple Cisco WebEx WRF Player Vulnerabilities

[0x7] US drones hacked by Iraqi insurgents

[0x8] Video Interview with MacBook Bullet Girl

[0x9] Android Forensics

[0xA] Jobs for hackers

Network World on Wireless Security

The latest wireless security news and analysis from NetworkWorld.com.

[0x1] Cisco Unveils AnyConnect Secure Mobility

[0x2] How Wi-Fi attackers are poisoning Web browsers

[0x3] Pros and Cons of Windows 7 Security

[0x4] MS Provides Guidance on Windows 7 Zero-Day Vulnerability

[0x5] Shifting mobile cost to employees? Think twice

[0x6] Shifting mobile cost to employees? Think twice

[0x7] Protect Your PCs from Windows 7's Zero-Day Exploit

[0x8] A Guide to Windows 7 Security

[0x9] Protect Your Network With an Open-Source Firewall

[0xA] The Wacky World of WiFi

Techworld.com Operating Systems

Latest IT articles from Techworld's Operating Systems channel

[0x1] Microsoft may move up Windows 7 service pack release

[0x2] Google reveals Chrome OS security details

[0x3] Microsoft Office 2010 to launch 12 May

[0x4] Windows needs patching every five days

[0x5] Microsoft plans 8 Windows, Office fixes next week

[0x6] Microsoft plans 8 Windows & Office fixes next week

[0x7] How to make Windows 7 look like a Commodore 64

[0x8] Windows XP downgrade lawsuit thrown out of court

[0x9] Microsoft to Google: Address EU's antitrust concerns

[0xA] Intel hits migration delays with Windows 7

Anton Chuvakin Blog - "Security Warrior"

This blog covers all sorts of issues of interest to me, including information security, network security, data security - and all other fun things security.

[0x1] Simple Log Review Checklist Released!

[0x2] Security Warrior Blog EXCLUSIVE: 10 Question Interview with Bob Russo and Troy Leach of PCI Council

[0x3] Monthly Blog Round-Up – February 2010

[0x4] Links for 2010-03-01 [del.icio.us]

[0x5] The Myth of SIEM as “An Analyst-in-the-box” or How NOT to Pick a SIEM-II?

[0x6] Short Observation on Open Source SIEM

[0x7] RSA 2010: Where to Find Anton?

[0x8] Nobody Is That Dumb ... Oh, Wait XII

[0x9] Book Review “Cloud Security and Privacy”

[0xA] Workshop on the Analysis of System Logs (WASL) 2010 CFP Out!

The most recent News from Incisive Media

The most recent News from Incisive Media (Generated on Wednesday 10 March 2010 at 16:13:52)

[0x1] Exclusive: Capgemini preps carbon consultancy push

[0x2] AeroThermal outlines advanced anaerobic digestion vision

[0x3] Nokia smartphones 'failing to keep pace'

[0x4] Online banking fraud continues to rise

[0x5] RIN publishes a guide on peer review

[0x6] CNP fraud on the wane

[0x7] Concern over EU "Tobin tax" plan

[0x8] Stephen Timms defends 50p landline duty

[0x9] Standard Life places IT at heart of business transformation

[0xA] Feed-in tariff "killing off" burgeoning UK small turbine industry

LWN.net comments

This feed contains the text of all comments posted to the LWN.net site.

[0x1] Re: [PATCH] ufs: make solaris fsck happy

[0x2] The Ubuntu One music store and free software for profit

[0x3] Fixed hardware configuration still isn't enough

[0x4] An introduction to the new development page

[0x5] Re: [PATCH] ufs: make solaris fsck happy

[0x6] European Parliament pushes back on ACTA

[0x7] Re: [PATCH] ufs: make solaris fsck happy

[0x8] Open source and the Morevna project

[0x9] Sigh. Don't they look mac-like?

[0xA] Re: [PATCH] ufs: make solaris fsck happy

Firewall Wizards

Tips and tricks for firewall administrators

[0x1] Call for papers: ISP-10, Orlando, USA, July 2010

[0x2] Re: Inline 2 port POE Firewall

[0x3] Inline 2 port POE Firewall

[0x4] Re: Login straight to priv mode in PIX with TACACS server

[0x5] Login straight to priv mode in PIX with TACACS server

[0x6] Draft paper submission deadline is extended: ISP-10

[0x7] Hackito Ergo Sum 2010 - Call For Paper - HES2010 CFP

[0x8] Re: Is it possible to control access between clients on same LAN with a firewall?

[0x9] Re: Is it possible to control access between clients on same LAN with a firewall?

[0xA] Re: Is it possible to control access between clients on same LAN with a firewall?

Sunbelt Blog

A blog about activities, products and ideas at Sunbelt Software, one of the leading developers of security software to protect against spyware, spam and other threats.

[0x1] Consoles for old games come with new malcode

[0x2] LifeLock will pay $12 million for false claims

[0x3] Microsoft Patch Tuesday

[0x4] Cute (and malicious)

[0x5] Energizer USB charger infected with Trojan

[0x6] Five years ago today on the Sunbelt Blog

[0x7] Search engine bait and switch

[0x8] Patch Tuesday coming next week

[0x9] Chat with malcode

[0xA] The Internet as a moral ground

Carnal0wnage Blog

carnal0wnage and zero(day) solutions blog

[0x1] VMWare Directory Traversal Metasploit Module

[0x2] metasploit getsystem command

[0x3] KiTrap0d now in metasploit

[0x4] Ruby, Nmap XML, and Databases

[0x5] Various Online Password Crackers

[0x6] 2009 Blog Stats

[0x7] Beating Up On Oracle Book List

[0x8] Hackers -- Net Cafe Series Video circa 1996

[0x9] Digging into SSL Cipher Checking

[0xA] Hacking Unprotected JBOSS JMX Console Installations

US-CERT Technical Cyber Security Alerts

US-CERT Technical Cyber Security Alerts provide timely information about current security issues, vulnerabilities, and exploits.

[0x1] TA10-068A: Microsoft Updates for Multiple Vulnerabilities

[0x2] TA10-055A: Malicious Activity Associated with "Aurora" Internet Explorer Exploit

[0x3] TA10-040A: Microsoft Updates for Multiple Vulnerabilities

[0x4] TA10-021A: Microsoft Internet Explorer Vulnerabilities

[0x5] TA10-013A: Adobe Reader and Acrobat Vulnerabilities

[0x6] TA10-012B: Microsoft Windows EOT Font and Adobe Flash Player 6 Vulnerabilities

[0x7] TA10-012A: Oracle Updates for Multiple Vulnerabilities

[0x8] TA09-343A: Adobe Flash Vulnerabilities Affect Flash Player and Adobe AIR

[0x9] TA09-342A: Microsoft Updates for Multiple Vulnerabilities

[0xA] TA09-314A: Microsoft Updates for Multiple Vulnerabilities

Xatrix Security Headlines

Latest Computer Security Headlines

[0x1] Hack Attack: Get Windows XP SP3 Through Windows Update

[0x2] TPB files charges against media companies

[0x3] Storm worm: again.

[0x4] Onslaught on .ORGs

[0x5] OpenOffice.org insecure

[0x6] Leave your laptop at home

[0x7] Hack in the Box – Capture the Flag

[0x8] 35% of pay-per-click fraud?

[0x9] New variant mobile worm

[0xA] Google will help users surf safely

Search Engine Watch

Keep updated with major stories about search engine marketing and search engines as published by Search Engine Watch.

[0x1] SEO vs. PPC Debate -- Which Do You Prefer?

[0x2] Don't Over Optimize Your Site

[0x3] Winning the Multi-Agency Game: Can't We All Just Get Along?

[0x4] Passing The Torch as an SEO Manager

[0x5] Get Your Search Campaigns Ready for the Yahoo/MSN Merger

[0x6] Search Around the World: Italy

[0x7] Your Locations are Your Biggest Digital Assets

[0x8] Measuring Social Media with Web Analytics, Part 1

[0x9] Forget Shorty: Long Tail Keywords Convert Cheaper

[0xA] 3 Tools for Optimizing Page Speed

Technology News

Get the latest technology news, comment and anlaysis from the Telegraph.

[0x1] Chinese companies ready iPad clones

[0x2] BT boss criticises Digital Economy Bill

[0x3] Microsoft warns of new Internet Explorer vulnerability

[0x4] Top 10 most expensive domain names

[0x5] Sex.com 'to become most expensive domain name in history'

[0x6] Website blocking plans attacked by Google, Facebook and Stephen Fry

[0x7] 3D televisions 'the norm' within five years, experts predict

[0x8] 'Minority Report' digital billboard 'watches consumers shop'

[0x9] Ban for internet providers failing to block child sex sites

[0xA] From .God to .xxx - sex and religion domain names to be discussed

hacklab.to

Toronto's hacker collective

[0x1] Pi Day Party!

[0x2] Esperanto boot camp (Saturday January 23)

[0x3] Learn German on Jan 9!

[0x4] Python Hiatus

[0x5] RubyMine Donation

[0x6] Hacklab in The National Post

[0x7] No, really, it does play Super Mario

[0x8] Living in the Future, or, HackLab Buys a Cupcake

[0x9] miniSoOnCon 2009!

[0xA] Board Update

DVLabs: Blogs

Recent Blog Posts

[0x1] RSA Conference 2010 Talks

[0x2] Pwn2Own 2010

[0x3] Mostrame la Guita!

[0x4] Ekoparty Wrap Up

[0x5] IPS Testing Realities

[0x6] Ekoparty 2009

[0x7] BlackHat USA 2009 Talk Choices

[0x8] Exploiting MS Advisory 971778: QuickTime DirectShow

[0x9] What's Worse Than Finding a Bug in Your Apple?

[0xA] The iPhone 3.0 Conundrum

GovInfoSecurity.com Blogs RSS Syndication

GovInfoSecurity.com.com Blog RSS Feeds

[0x1] Obama is Late Again in Keeping Privacy Promise

[0x2] Schmidt's Can-Do Spirit on Cloud Computing

[0x3] The Government's Infosec "Conspirators"

[0x4] Yes, Howard Schmidt Has the President's Ear

[0x5] CISO Witnesses Hack Like No Other

[0x6] Declassified CNCI Summary: What's New?

[0x7] Schmidt to Announce Easing of CNCI Secrecy

[0x8] Howard Schmidt Achieves Rock-Star Status

[0x9] TIC Initiative: By the Numbers

[0xA] Leading on Cybersecurity: The Administration Speaks

Martin McKeay's blog

[0x1] Hacking locks instead of computers

[0x2] Did she think this of the potential consequences?

[0x3] Escaping a virtual machine

[0x4] Certs: Added value or minimum requirement?

[0x5] The dubious effects of monitoring surfing habits

[0x6] Should your ISP protect you from yourself?

[0x7] Was the iPhone ready for prime time?

[0x8] Maynor isn't the Sell Out or LMH

[0x9] Infosec Sell Out outed, disappears

[0xA] VA employee tried to hide the damage

The Web Application Security Consortium / FrontPage

The Web Application Security Consortium (WASC) is an international group of experts, industry practitioners, and organizational representatives who produce open source and widely agreed upon best-practice security standards for the World Wide Web.

[0x1] Robert Auger edited FrontPage

[0x2] Robert Auger edited FrontPage

[0x3] Robert Auger edited FrontPage

[0x4] Robert Auger edited FrontPage

[0x5] Robert Auger edited FrontPage

[0x6] Robert Auger edited FrontPage

[0x7] Robert Auger edited FrontPage

[0x8] Robert Auger edited FrontPage

[0x9] Robert Auger edited FrontPage

[0xA] Robert Auger edited FrontPage

Enterprise Storage Forum News

Covering security, storage, and networking for the enterprise IT professional

[0x1] Solid State Drives Get Faster with TRIM

[0x2] Solid State Drives in Enterprise Applications

[0x3] Oracle to Keep Sun's Data Storage, Tape Businesses

[0x4] LTO-5 Breathes New Life into Tape Storage

[0x5] NetApp Deepens Ties with Cisco, VMware

[0x6] EMC Reports Strong Data Storage, Deduplication Sales

[0x7] Symantec Adds Deduplication to Backup Software

[0x8] EMC Doubles Clariion, Celerra Density with 2TB SATA Drives

[0x9] RAID Storage Levels Explained

[0xA] NetApp, Cisco and VMware Deal May Be Coming

DarkReading - All Stories

DarkReading

[0x1] Voluntary Breach Disclosure Rare But Valuable

[0x2] Botnets Serving Project Aurora Likely Built By "Amateurs," Researcher Says

[0x3] Ford Motor Rolls Out New Security Features To Prevent Car-Hacking

[0x4] Product Watch: Gemalto Rolls Out Secure Online Banking On A Stick

[0x5] New Massachusetts Data Privacy Law Adds Incentive For Strong Database Security

[0x6] Smartphone Weather App Builds A Mobile Botnet

[0x7] At RSA, Some Security Pros Don't Practice What They Preach

[0x8] Tool Automates Targeted Attacks On Social Network Users

[0x9] New BlackEnergy Trojan Targeting Russian, Ukrainian Banks

[0xA] Product Watch: New Microsoft Identity Technology Aims To Protect Online Privacy

Twitter / DojoSec

Twitter updates from DojoSec / DojoSec.

[0x1] DojoSec: @marcusjcarey interview with @dakami (Dan Kaminsky) at ShmooCon http://bit.ly/9L0TvG

[0x2] DojoSec: DojoSec Happy Hour Tonight 7-9pm at Howl at the Moon Baltimore http://bit.ly/cQm9jF

[0x3] DojoSec: Next DojoSec Meetup will be March 4th 7-9pm at Howl Baltimore http://tinyurl.com/howlbmore

[0x4] DojoSec: Next DojoSec Meetup will be March 4th 7-9pm at Howl Baltimore http://tinyurl.com/howlbmore, no talks just fun!

[0x5] DojoSec: DojoCon 2009 Cloud Security Panel http://vimeo.com/7517519 http://bit.ly/8ZusJh

[0x6] DojoSec: I posted 14 photos on Facebook in the album "DojoSec" http://bit.ly/6VZb1j

[0x7] DojoSec: DojoSec Facebook Page up http://bit.ly/53AyB8 Become a Fan :)

[0x8] DojoSec: DojoSec Canceled due to inclement weather. :(

[0x9] DojoSec: DojoSec Sessions Ep. 1 - Jeremy Brown - Finding Vulnerabilities with Static Analysis - http://bit.ly/8hcOVL

[0xA] DojoSec: @securabit Congrats on your new partnership

Twitter / mssecurity

Twitter updates from Microsoft Security / mssecurity.

[0x1] mssecurity: Microsoft security updates for November 2009 - http://bit.ly/35QaKW

[0x2] mssecurity: Sorry all, automated update pushing hasn't been working too well the last few times. Working on it.

[0x3] mssecurity: Microsoft security updates for October 2009 - http://bit.ly/RgyPY

[0x4] mssecurity: Microsoft security updates for July 2009 http://bit.ly/YUzPo

[0x5] mssecurity: Microsoft security updates for June 2009 http://tinyurl.com/mx8dxn

[0x6] mssecurity: Vista Service Pack 2 Standalone downloads now available - 32-bit http://sn.im/ismow, 64-bit http://sn.im/ismps

[0x7] mssecurity: Microsoft security updates for May 2009 http://tinyurl.com/ogxprk

[0x8] mssecurity: What is a botnet? http://tinyurl.com/oxwot3

[0x9] mssecurity: What is spam? http://tinyurl.com/qe46ka

[0xA] mssecurity: What is identity theft? http://tinyurl.com/r3evar

Security Watch

[0x1] Mariposa, Game Over

[0x2] Firewall Rules Scanner, Open Source

[0x3] Botnet network behavior analysis lab

[0x4] Materials, Shmoocon 2010

[0x5] Smartphone Security - Part 3

[0x6] Smartphone Security - Part 2

[0x7] Smartphone Security

[0x8] Materials, FireTalks, Shmoocon 2010

[0x9] Materials, Internet Early Warning and Network Intelligence, EWNI 2010

[0xA] Materials, Black Hat DC 2010

Wired: Politics

The intersection of technology and government.

[0x1] Lifelock Dinged $12 Million for Deceptive Business Practices

[0x2] Supreme Court Takes 'Informational Privacy' Case

[0x3] Feds Move to Break Voting-Machine Monopoly

[0x4] Justices to Weigh Religion, Speech Rights in Funeral Flap

[0x5] Forget Airport Body Scanners: DARPA Wants to X-Ray Earth

[0x6] Domain Name Czar Seeks .OnlineUnity

[0x7] 11 More U.S. Airports Get Body Scanners

[0x8] Despite New Policy, Pentagon Still Wary of the 'Tubes

[0x9] DMCA Muscle Kills DVD Copying, for Real

[0xA] White House Cyber Czar: 'There Is No Cyberwar'

Boaz Gelbord

A look at information security management, spending in the security industry, and everything along the way.

[0x1] Security Scoreboard is Live!

[0x2] Mass Security Regulation Gets Tech Priorities Wrong

[0x3] YouSendIt Indictment is a Cloud Warning

[0x4] SEC eyes Identity Theft

[0x5] Visa Embraces End-to-End Encryption

[0x6] https Can Wait - SaaS Needs Better Authentication First

[0x7] OWASP Security Spending Benchmarks Project Report for Q2 Published

[0x8] Nevada Mandates PCI Standard, Part II

[0x9] Nevada Mandates PCI Standard

[0xA] Opera Invites You to Join the Cloud

CSOONLINE.com - Data Protection

[0x1] Cyberattacks Raise E-Banking Security Fears

[0x2] Excel Vulnerabilities Revealed on 'Slower' Patch Tuesday

[0x3] Microsoft Skips Patch for PowerPoint Add-on

[0x4] Bogus Intranets Scam University Students

[0x5] Auto of the Future? New Cars Add Infosec Technology

[0x6] FDIC: Hackers Took More Than $120M in Three Months

[0x7] Thailand Approves Credit Card Hacker's Extradition to US

[0x8] US Citizen a Key Player in Alleged Italian Telecom Fraud

[0x9] Energizer Bunny's Software Infects PCs

[0xA] RSA Conference 2010 and Security B-Sides Recap

Diary of Michael Daw

Weekly humour

[0x1] IIS 6.0 WebDav Exploit, Adobe 8-9.1 JavaScript Exploits, Cisco Works TFTPD Directory Traversal

[0x2] Universal XSS Vulnerability in Google

[0x3] Diffie-Hellman-Branston Key Exchange

[0x4] TCP/IP Security Assessment, FreeBSD Telnet 0-Day, RainbowCrack 1.3, Nokia N95 DoS, Bounty for Worm Author

[0x5] Hacker News: Backtrack 4 Beta, Web Services Testing, Monster Hacked and More

[0x6] IWAS-P Hero Dies Before Conference

[0x7] Pwntry

[0x8] 10 must have tips for infosec people

[0x9] Asking for trouble…

[0xA] Super Duper Invisible Trojan

StoneBlog.stonesoft.com

Share knowledge about StoneGate

[0x1] MultiLink VPN works, it just does.

[0x2] Enabling Cloud Computing

[0x3] The power of form-based Single Sign-On… in 8 steps

[0x4] I have my certificate, do I need anything else?

[0x5] User Storage in StoneGate SSL VPN

[0x6] Advanced Certificate to User Attributes Mapping in SSO

[0x7] StoneGate 5.1: IPsec VPN Client enhancements

[0x8] SSL VPN 1.4 Feature Previews

[0x9] StoneGate 5.1: Other enhancements

[0xA] StoneGate 5.1: Automatic CA renewal

Rational Survivability

Hoff's Ramblings about Information Survivability, Information Centricity, Risk Management and Disruptive Innovation. Oh, I have a fondness for virtualization and cloud computing security, too...

[0x1] Video: Cloud Computing in Government…

[0x2] Incomplete Thought: The Other Side Of Cloud – Where The (Wild) Infrastructure Things Are…

[0x3] Chattin’ With the Boss: “Securing the Network” (Waiting For the Jet Pack)

[0x4] 2010 RSA Security Bloggers Award – Thanks A Bunch…

[0x5] RSA Interview (c/o Tripwire) On the State Of Information Security In Virtualized/Cloud Environments.

[0x6] Slides from My Cloud Security Alliance Keynote: The Cloud Magic 8 Ball (Future Of Cloud)

[0x7] Virtual Networking/Nexus 1000v Virtual Switch Blogger Roundtable/WebEx Logistics – March 2nd.

[0x8] Six Year Old Rationalizes the Cloud

[0x9] Don’t Hassle the Hoff: Recent Press & Podcast Coverage & Upcoming Speaking Engagements

[0xA] Comments on the PwC/TSB Debate: The cloud/thin computing will fundamentally change the nature of cyber security…

CSOONLINE.com - Network Security

[0x1] What Are the Most Overrated Security Technologies?

[0x2] Fraudsters Bank on Business Accounts: How to Protect Your Funds Online

[0x3] Security B-Sides: Perfect Authentication Remains Elusive

[0x4] RSA Conference 2010: 4 Survival Tips

[0x5] Security B-Sides: Rise of the 'Anti-conference'

[0x6] Virtualization, Cloud Computing and the PCI DSS

[0x7] Five Security Missteps Made in the Name of Compliance

[0x8] Virtualised USB Key Beats Keyloggers

[0x9] Toolbox: How to Choose Your Antispam Strategy

[0xA] Tuning Snort with Host Attribute Tables

ITWeb Internet

Latest ICT Internet news

[0x1] King III links in with social networks

[0x2] Rivals gain from Google book deal

[0x3] US lawmaker rallies broadband changes

[0x4] Twitter offers advertising service

[0x5] Websense harnesses cloud

[0x6] FinSwitch introduces Web services

[0x7] IP over avian carrier

[0x8] Initiative sees teachers collaborate online

[0x9] Asian sites profit from virtual money

[0xA] Obama warns teens of Facebook

EduGeek.net Forums

EduGeek.net - The educational I.T. professionals' life line

[0x1] XP client joining domain: "the system call level is not correct"

[0x2] MS Security Essentials

[0x3] Squid Dropping for a few seconds

[0x4] 7zip

[0x5] News: Corey Haim Found Dead

[0x6] Is SaaS a model that will work in the Schools sector?

[0x7] [Pics] New apple product

[0x8] SIMS/FMS SQL on VMWare?

[0x9] [For Sale] RM Stuff

[0xA] [For Sale] Bromcom Stuff

Google Online Security Blog

The latest news and insights from Google on security and safety on the Internet.

[0x1] Federal Support for Federated Login

[0x2] More Information about Malware Details

[0x3] Do machines dream of electric malware?

[0x4] Best Practices for Verifying and Cleaning up a Compromised Site

[0x5] Protecting Users and Ads from Malware

[0x6] Show Me the Malware!

[0x7] The Malware Warning Review Process

[0x8] Malware Statistics Update

[0x9] Ask the Google Anti-Malware Team

[0xA] Improving web browser security

The Register - Security

Biting the hand that feeds IT

[0x1] Cryptome: PayPal a 'liar, cheat and a thug'

[0x2] UK plastic fraud losses fall for first time in 3 years

[0x3] Twitter adds filter to cut phishing lines

[0x4] Max Clifford takes £1m to drop hack probe

[0x5] Suburban woman accused of using net to recruit terrorists

[0x6] Fraud-prevention service ponies up $12m for 'false' ads

[0x7] It's official: Adobe Reader is world's most-exploited app

[0x8] New Internet Explorer code-execution attacks go wild

[0x9] FA launches security probe after England team bugged

[0xA] Smartphone app botnet experiment blows up a storm

LinuxSecurity.com: Foresight Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Review: Mod-Security 2.5 by Magnus Mischel

[0x3] Foresight: firefox

[0x4] Foresight: python

[0x5] Foresight: firefox

[0x6] Foresight: imageop

[0x7] Foresight: nss_ldap

[0x8] Foresight: rsync

[0x9] Foresight: e2fsprogs

[0xA] Foresight: tetex

Upcoming Security Alerts

Upcoming Security Alerts

[0x1] Oracle Database

[0x2] Oracle Database

[0x3] Oracle Database

[0x4] Oracle Secure Enterprise Search

[0x5] Documentation bug concerning a special privilege

[0x6] Oracle Database

[0x7] Oracle Database

[0x8] Oracle Database

[0x9] Oracle Database

[0xA] Oracle Database

Jeff Jones Security Blog

Looking at Security from All Angles. Security is not simple, so we should try not to simplify it to the point of uselessness.

[0x1] Ubuntu CVE Tracker

[0x2] Microsoft Prime Restaurant Guide for Snoqualmie and Issaquah

[0x3] Microsoft News at RSA 2010

[0x4] My Netflix Pet Peeve - "Popular New Releases"

[0x5] Microsoft to Waledac: Off with Your Head!

[0x6] Now on Twitter –Jeff Jones @ Microsoft is securityjones

[0x7] End of Year – Clean Up Your E-Mail

[0x8] Expanding SDL for Cloud and Agile Development

[0x9] SDL Team Adds Test Tools to the SDL Tools Arsenel

[0xA] Project Quant Patch Management Survey Summary and Results – Available for Download

Anton Chuvakin Blog - "Security Warrior"

This blog covers all sorts of issues of interest to me, including information security, network security, data security - and all other fun things security.

[0x1] Simple Log Review Checklist Released!

[0x2] Security Warrior Blog EXCLUSIVE: 10 Question Interview with Bob Russo and Troy Leach of PCI Council

[0x3] Monthly Blog Round-Up – February 2010

[0x4] Links for 2010-03-01 [del.icio.us]

[0x5] The Myth of SIEM as “An Analyst-in-the-box” or How NOT to Pick a SIEM-II?

[0x6] Short Observation on Open Source SIEM

[0x7] RSA 2010: Where to Find Anton?

[0x8] Nobody Is That Dumb ... Oh, Wait XII

[0x9] Book Review “Cloud Security and Privacy”

[0xA] Workshop on the Analysis of System Logs (WASL) 2010 CFP Out!

GovInfoSecurity.com Webinars RSS Syndication

GovInfoSecurity.com RSS News Feeds on government information security webinars.

[0x1] Defending Against Cyberattack: Emerging Solutions for Today's Threats

[0x2] Maintaining Secure Government Information Systems

[0x3] Case Files: What the Department of Justice has Learned from the World's Worst Breaches

[0x4] Top 20 Critical Controls to Ensure Painless FISMA Compliance

[0x5] Career Trends Survey 2010 Results Webinar

[0x6] The Identity Enabled Network: The Future of Secure Cyberspace

[0x7] Data Protection and Incident Response

[0x8] Time: The Hidden Risks -- How to Create Compliant Time Practices

[0x9] Automating Security Controls Within Government Information Systems

[0xA] Legal Considerations About Cloud Computing

Hacked Gadgets - DIY Tech Blog

Many articles about hacking gadgets. Examples of extreme technology. DIY projects describing how to build electronic projects. Fun top 5 and top 10 lists.

[0x1] Steampunk Wheelchair Project

[0x2] DIY Binary Clock Build

[0x3] DIY Soil Moisture Sensor

[0x4] Worlds most Powerful Private Rocket

[0x5] Olympic Interactive LED Globes

[0x6] How Ball Bearings are Made

[0x7] Name the Thing Contest - 122

[0x8] Strobeshnik Hard Drive Clock

[0x9] Time Delay Door Alarm Project

[0xA] Pain Toy

[0x1] Windows7 Virtual AP – Why is it a big deal now?

[0x2] Windows 7: A New Wireless Risk for the Enterprise – Webinar

[0x3] Hilarious video with a somber message

[0x4] SIMFI: Convert your cell phone into a WiFi honeypot!

[0x5] WiFi Hots(Honey)pots Go Mobile

[0x6] Wi-Fi Networks Open to Attacks

[0x7] WPA-PSK Passwords Now on Sale…Starting $17!

[0x8] SSL Renegotiation Vulnerability: Journey from Theory to Practice to Prevalence

[0x9] What, wireless security violation over flower vase?

[0xA] How “soft APs” can create “soft spots” in your network security

Help Net Security - Vulnerabilities

Help Net Security is a daily updated security related site. We offer information on the latest happenings in the InfoSec world, advisories, viruses, papers, and more. HNS also has a large download section of security tools for Windows, Linux, Mac OS X and Pocket PC.

[0x1] SLAED CMS Multiple Remote File Include Vulnerabilities

[0x2] Crawlability vBSEO "vbseo.php" Local File Include

[0x3] Newbie CMS Insecure Cookie Authentication Bypass

[0x4] PHP F1 Max's Photo Album "admin.php" Arbitrary File Upload

[0x5] 1024 CMS "id" Parameter SQL Injection

[0x6] Joomla! "com_yanc" Component "listid" Parameter SQL Injection

[0x7] JSK Internet WebAdministrator "download.php" SQL Injection

[0x8] Softbiz Auktios Multiple SQL Injection Vulnerabilities

[0x9] Sparta Systems TrackWise EQMS Multiple Cross-Site Scripting Vulnerabilities

[0xA] ARISg "wflogin.jsp" Cross-Site Scripting

An Expert's Guide to Database Solutions

Experienced DBA, Strategist, Architect, and Performance Expert James Koopmann provides information, guidance, technical savvy, and solutions for your database needs.

[0x1] Oracle AUM - a lesson in why you should be using

[0x2] Oracle AUM - something you should be using

[0x3] Providing proper access to Oracle's data dictionary

[0x4] High-level CPU consumption using Oracle's Time Model

[0x5] Did you like the mud slung by Oracle this last week?

[0x6] Oracle Statistics; Are we going backwards

[0x7] Email campaign to stop the Oracle/Sun deal

[0x8] Are we out of the recession yet?

[0x9] How is your 2010 shaping up to be?

[0xA] My top 10 list for DBAs in 2010

InternetNews Realtime News for IT Managers

All the top news, features, analysis and insight into enterprise and Internet technology, geared for IT managers and delivered by the best in the industry.

[0x1] U.S. Eyes Path to Press China on Internet Policy

[0x2] Is Windows 7 Service Pack Coming in Q4?

[0x3] Microsoft-Sponsored CodePlex Moves Ahead

[0x4] Microsoft Offering Software, Training for Vets

[0x5] Microsoft Patch Tuesday Includes IE Warning

[0x6] Apple's Flash Feast Could Crimp SSD Sales

[0x7] Apple Seen Gearing Up for More Patent Fights

[0x8] Symantec Tackles Mobile Security

[0x9] Microsoft: Windows Phone 7 More Than an OS

[0xA] Hackers Check Into Wyndham Hotels' Network

Emergency Management News

Government Technology: News: Latest Emergency Management News

[0x1] Text-a-Tip Programs Promote Campus and Public Safety

[0x2] States Scored on Health Emergency Preparedness Capabilities

[0x3] Web-Based System Simplifies South Carolina's Disaster Data Collection

[0x4] New York Testing Emergency Alerts Over Xbox, PlayStation, Wii Online Networks

[0x5] States Receiving Long-Awaited Funds for Enhanced 911

[0x6] Coast Guard Contingency Planner John Stanley Develops Strategies for Natural Disasters and ...

[0x7] Flood Management and Rebuilding Plans Help Iowa Town Recover

[0x8] Virtual Alabama Facilitates Data Sharing Among State and Local Agencies

[0x9] Satellite Technology Provides Disaster Communications When Cell Towers Fail

[0xA] Social Media Brings Together Resources, Creates More Resilient Communities (Analysis, Social ...

ComPly With Me--- a HIPAA Forum

[0x1] 3 I's

[0x2] Blue Suit, Red Cape and Red Boots

[0x3] International Talk Like a Pirate Day!

[0x4] Ah, Sweet Mystery

[0x5] Baby One More Time

[0x6] Over and over

[0x7] My Way

[0x8] Time After Time

[0x9] It Wasn't Me

[0xA] Secret Love

CSOONLINE.com - Access Control

[0x1] Using Biometric Access Systems: Dos and Don'ts

[0x2] What Are the Most Overrated Security Technologies?

[0x3] Virtualised USB Key Beats Keyloggers

[0x4] Y2K All Over Again in 2010?

[0x5] Groundhog Day: The Gartner IAM 2009 Event in Review

[0x6] How 9-11 Shaped Hoover Dam Security Operations

[0x7] Hoover Dam Security in Pictures

[0x8] Fingerprints Not Enough for Future Security Government Systems

[0x9] Why Pen Testing Is Central to Pennsylvania's App Security

[0xA] News Flash: Data Debauchery That Happens in Vegas Doesn't Stay There

Kaspersky Lab Weblog

[0x1] Patch Tuesday

[0x2] Too many passwords?

[0x3] More on Yxe

[0x4] Return of the Yxe worm

[0x5] The football World Cup kicks off in South Africa

[0x6] Cascading false positives

[0x7] Need a Valentine‘s gift?

[0x8] On the way to better testing

[0x9] Patch now: MS10-002

[0xA] Search poisoning, again

Twitter / ubuntu_security

Twitter updates from ubuntu_security / ubuntu_security.

[0x1] ubuntu_security: [USN-810-1] NSS vulnerabilities

[0x2] ubuntu_security: [USN-817-1] Thunderbird vulnerabilities

[0x3] ubuntu_security: [USN-813-2] Apache vulnerability

[0x4] ubuntu_security: [USN-824-1] PHP vulnerability

[0x5] ubuntu_security: [USN-816-1] fetchmail vulnerability

[0x6] ubuntu_security: [USN-810-1] NSS vulnerabilities

[0x7] ubuntu_security: [USN-817-1] Thunderbird vulnerabilities

[0x8] ubuntu_security: [USN-813-2] Apache vulnerability

[0x9] ubuntu_security: [USN-824-1] PHP vulnerability

[0xA] ubuntu_security: [USN-816-1] fetchmail vulnerability

XSSed syndication

You are welcome to syndicate and share xssed.com contents

[0x1] New HSBC and Barclays bank XSS and open redirect bugs

[0x2] Flash clickTAG parameter XSS. Banks, e-shops, Adobe and others vulnerable

[0x3] Cross-site scripting flaw on Winbank's easypay.gr SSL site

[0x4] Major Greek bank sites with SSL vulnerable to XSS and open redirects

[0x5] Google SSL page vulnerable to XSS

[0x6] Google Chrome universal XSS vulnerability, now fixed

[0x7] Two critical XSS bugs on Barclays bank website

[0x8] XSS, Iframe injections and XMLHTTP post request errors on McAfee sites

[0x9] Five Sun.com XSS flaws in the SSL user login page

[0xA] New critical XSS bug in Google's Orkut

Room362.com RSS Feed

Blog

[0x1] Practical Exploitation

[0x2] @RSnake ’s RFI List in Burp Suite

[0x3] Security (CAN BE) an ART not a SCIENCE

[0x4] grmn00bs podcast

[0x5] Linked in to Twitter

[0x6] Meterpreter tunneling and VNC revamped

[0x7] Metasploit with Ruby 1.9.1

[0x8] 2009 Geek Christmas List

[0x9] SHODAN The Computer Search

[0xA] Brute-Forcing Compatibility

CSO Blogs - Business Continuity

[0x1] Hacker, Cracker, Salafi, Spy - Be There!

[0x2] Don't Pushdo - The Year of the Dragon (Research Group)

[0x3] Joseph Stack, Small Aircraft and al-Qa'eda

[0x4] Connecticut AG files HITECH Act Law Suit…holy IT health records enablement!!

[0x5] Hold Developers Legally Accountable for Software Security Flaws?

[0x6] Time to re-think encryption

[0x7] The Changing Nature Of Governance, RIsk And Compliance

[0x8] CyberTerror - the Arms Race We're Losing

[0x9] Risk Mitigation through Collaborative Innovation

[0xA] High Tech Firms Who Outsource Software Development to China - The Dirty Little Secret

LinuxSecurity.com: Mandriva Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Review: Mod-Security 2.5 by Magnus Mischel

[0x3] Mandriva: 2010:058: php

[0x4] Mandriva: 2010:057: apache

[0x5] Mandriva: 2010:056: openoffice.org

[0x6] Mandriva: 2010:055: poppler

[0x7] Mandriva: 2010:054: pam_krb5

[0x8] Mandriva: 2010:053: apache

[0x9] Mandriva: 2010:052: sudo

[0xA] Mandriva: 2010:051: mozilla-thunderbird

Dragos Lungu Dot Com | Security Tools And Tips

100% Unbiased Security Tools Reviews. Computer Security Blog about Phishing, Spyware, Malware and other Threats and Vulnerabilities we face everyday .

[0x1] SC Magazine 2010 Awards Winners

[0x2] Qualys Unveils 3 New Services – Some Are FREE!

[0x3] OWASP Broken Web Applications – Excelent Learning Tool

[0x4] GFI WebMonitor 2009 Review

[0x5] ModSecurity 2.5 – New Book Soon To Be Released

[0x6] NetWitness releases NextGen version 9.0

[0x7] Twitter Weekly Updates for 2009-07-19

[0x8] Twitter Weekly Updates for 2009-07-12

[0x9] Twitter Weekly Updates for 2009-07-05

[0xA] Twitter Weekly Updates for 2009-06-28

CSOONLINE.com - PCI and Compliance

[0x1] RSA 2010: Why 41 Percent of You Would Fail a PCI Audit

[0x2] Average Annual Cost of PCI Compliance Audit? $225k

[0x3] RSA Conference 2010: 4 Survival Tips

[0x4] ATM Skimming: How to Recognize Card Fraud

[0x5] Telltale Signs of ATM Skimming

[0x6] Security B-Sides: Rise of the 'Anti-conference'

[0x7] Virtualization, Cloud Computing and the PCI DSS

[0x8] Five Security Missteps Made in the Name of Compliance

[0x9] Report: Most Organizations Now Suffer Cyber Attacks

[0xA] How to Make Things Worse With IT Security Technology

DVLabs: Published Advisories

Published Advisories

[0x1] TPTI-10-02 - Microsoft Office PowerPoint Viewer TextCharsAtom Record Code Execution Vulnerability

[0x2] TPTI-10-01 - HP Data Protector Server Cell Manager Remote Code Execution Vulnerability

[0x3] TPTI-09-15 - HP OpenView Data Protector Cell Manager Heap Overflow Vulnerability

[0x4] TPTI-09-13 - HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow Vulnerability

[0x5] TPTI-09-12 - HP OpenView NNM ovalarm.exe CGI Accept-Language Stack Overflow Vulnerability

[0x6] TPTI-09-11 - HP OpenView NNM OvWebHelp.exe CGI Topic Heap Overflow Vulnerability

[0x7] TPTI-09-10 - HP OpenView NNM webappmon.exe CGI Host Header Buffer Overflow Vulnerability

[0x8] TPTI-09-09 - HP OpenView NNM ovsessionmgr.exe userid/passwd Heap Overflow Vulnerability

[0x9] TPTI-09-08 - HP OpenView NNM ovlogin.exe CGI userid/passwd Heap Overflow Vulnerability

[0xA] TPTI-09-14 - HP OpenView NNM ovwebsnmpsrv.exe OVwSelection Stack Overflow Vulnerability

Techworld Blogs

Aggregate feed of all active Techworld Blogs

[0x1] Apple apps contract - the devil's in the detail

[0x2] All eyes on Cisco ... well, some of them

[0x3] Where were the cops when Microsoft busted Waledac?

[0x4] Outlook still cloudy

[0x5] The world's right to web access

[0x6] A tale of two countries

[0x7] Getting physical

[0x8] Microsoft plays big bad wolf. And then blows down its own house

[0x9] Why business software isn't like Facebook ... yet

[0xA] Mixed-up world of virtualisation security

Xatrix Security Advisories

Xatrix Security Advisories

[0x1] Ubuntu Linux: Firefox vulnerabilities

[0x2] Red Hat: Ruby safe-level vulnerability

[0x3] Red Hat: Seamonkey critical security vulnerabilities

[0x4] Debian: Drupal several remote vulnerabilities

[0x5] Debian: Kernel local race condition

[0x6] SUSE: Kernel local privilege escalation

[0x7] Ubuntu Linux: Update introduced regression

[0x8] Ubuntu Linux: Mozilla-Thunderbird vulnerabilities

[0x9] Mandriva: Perl log flaw

[0xA] Ubuntu Linux: Mozilla various vulnerabilities

Rational Survivability

Hoff's Ramblings about Information Survivability, Information Centricity, Risk Management and Disruptive Innovation. Oh, I have a fondness for virtualization and cloud computing security, too...

[0x1] Video: Cloud Computing in Government…

[0x2] Incomplete Thought: The Other Side Of Cloud – Where The (Wild) Infrastructure Things Are…

[0x3] Chattin’ With the Boss: “Securing the Network” (Waiting For the Jet Pack)

[0x4] 2010 RSA Security Bloggers Award – Thanks A Bunch…

[0x5] RSA Interview (c/o Tripwire) On the State Of Information Security In Virtualized/Cloud Environments.

[0x6] Slides from My Cloud Security Alliance Keynote: The Cloud Magic 8 Ball (Future Of Cloud)

[0x7] Virtual Networking/Nexus 1000v Virtual Switch Blogger Roundtable/WebEx Logistics – March 2nd.

[0x8] Six Year Old Rationalizes the Cloud

[0x9] Don’t Hassle the Hoff: Recent Press & Podcast Coverage & Upcoming Speaking Engagements

[0xA] Comments on the PwC/TSB Debate: The cloud/thin computing will fundamentally change the nature of cyber security…

Bugtraq

The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!

[0x1] CORE-2009-0813: Windows Movie Maker and Microsoft Producer IsValidWMToolsStream() Heap Overflow

[0x2] ZDI-10-025: Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability

[0x3] [security bulletin] HPSBMA02489 SSRT090065 rev.1 - HP Performance Insight , Remote Execution of Arbitrary Commands

[0x4] [SECURITY] [DSA 2008-1] New typo3-src packages fix several vulnerabilities

[0x5] IBM ENOVIA SmarTeam v5 Cross Site Scripting Vulnerability

[0x6] Re: Apple Airport Wireless Products: Promiscuous FTP PORT Allowed in FTP Proxy Provides Security Bypass

[0x7] SQL injection vulnerability in wILD CMS

[0x8] Croogo CMS 1.2 Cross Site Scripting Vulnerabilities

[0x9] [ MDVSA-2010:057 ] apache

[0xA] Re: phpinfo() XSS Vulnerability

F.A.T.

Release early, often, and w/ rap music.

[0x1] Paintball Shooting Robot Writes Tempt1 Tag

[0x2] BREAKING NEWS: EyeWriter wins Design of the Year in Art

[0x3] How to Build an EyeWriter in Mumbai Part I

[0x4] 2009: Year of the F.A.T.

[0x5] How to Tweet Porn

[0x6] How to build a fake Google Street View car

[0x7] How To Track the Google Street View Car

[0x8] Drunk Google Street View!

[0x9] Google Streeview Driver Caught Urinating In Public…

[0xA] Imma Let You Finish Transmediale…

Declan McCullagh's Politech

Politech is the oldest Internet resource devoted to politics and technology. Launched in 1994, the Politech mailing list and then the web site has chronicled the growing intersection of law, culture, technology, politics, and law. Edited by Declan McCullagh.

[0x1] Politicians push for mandatory data retention laws, bipartisanly

[0x2] Who'd make the most technology-friendly president? Discuss.

[0x3] Judge rules defendant can't be forced to divulge PGP passphrase

[0x4] ITU botnet paper published in draft form, comments requested

[0x5] David Burt and his Filtering Facts Web site are back

[0x6] FTC Internet advertising summit in Washington this week

[0x7] Hamline University student suspended after pro-gun rights email

[0x8] MIT student picking up friend at airport nearly shot, charged with "infernal machine" crime

[0x9] Paul Levy: Politicians, infomercial kings try to stifle anonymous Internet speech

[0xA] Colorado sheriff creates roadblock so private firm can demand DNA blood samples

Lifehacker: hack attack

Lifehacker posts tagged hack attack

[0x1] Bypass Heavy-Handed Web Filters with Your Own Proxy Server [Hack Attack]

[0x2] Become a Gmail Master Redux [Hack Attack]

[0x3] How to Put Your PC to Good Use While You're Sleeping [Hack Attack]

[0x4] Build a Silent, Standalone XBMC Media Center On the Cheap [Winter Upgrades]

[0x5] Install Snow Leopard on Your Hackintosh PC, No Hacking Required [How To]

[0x6] How to Build a Hackintosh with Snow Leopard, Start to Finish [How To]

[0x7] Set Up "Push" Gmail on Your iPhone [Hack Attack]

[0x8] Carry Your PC on Your iPhone or iPod Touch [IPhone]

[0x9] Eight Best KeePass Plug-Ins to Master Your Passwords [Passwords]

[0xA] How to Set Up a Laptop Security System [Security]

GeekDad

Parents, Kids and the Stuff We Obsess About

[0x1] Comics Spotlight On: The New Frontier

[0x2] Dork Tower Wednesday

[0x3] I, Google

[0x4] The Top 10 Movies That Should Never, Ever Be Converted to 3D

[0x5] Weave Your Way to Glory: Teragati for the iPhone

[0x6] GeekDad HipTrax #45

[0x7] Happy Pluto Discovery Day

[0x8] Bracket Yourself for March Madness

[0x9] Comic Review for the Older Geek Kids Age of Bronze: a Thousand Ships

[0xA] Do You Teach Your Kids About Darwin? (GeekDad Wayback Machine)

The Falcon's View

Mental meanderings of an infosec obsessive...

[0x1] Security BSides Austin 2010 - Join Us Saturday!

[0x2] RSA 2010 - Day 2 Round-up

[0x3] RSA 2010 - Day 1 Round-up

[0x4] RSA 2010 - Innovation Sandbox: Not Really Innovative

[0x5] Annual ABA ISC+EDDE Meeting After-Report

[0x6] The Need for Consumer-Oriented Intervention

[0x7] RSA 2010 Is Nearly Here

[0x8] Micro-Generation Closer to Reality

[0x9] A Sense of Self-Preservation

[0xA] 2010 CWE/SANS Top 25 Most Dangerous Programming Errors Released

F-Secure Antivirus Research Weblog

Weblog of F-Secure Antivirus Research Team

[0x1] How are ATM skimmers installed?

[0x2] PDF Based Targeted Attacks are Increasing

[0x3] Darkmarket Avatars

[0x4] Desperate Phishing Attempt

[0x5] The Morphing PDF

[0x6] SEO Poisoning Sites Use Flash for Redirection

[0x7] Another Bot Bites the Dust?

[0x8] I'm Feeling Lucky?

[0x9] Pwn2Own Interview with Charlie Miller

[0xA] RSA Conference 2010

Hak5 - Technolust since 2005

[0x1] Episode 703 – Free Application Sandbox Challenge and Top “Ultra” Warez

[0x2] Episode 702 – DHCP Exhaustion and DNS Man-in-the-Middle

[0x3] Episode 701 – Botnet Command & Control and Man-in-the-Middle detection

[0x4] Episode 620 – IP Spoofing, World of Goo Mods, Linux Drive Encryption, Ultralight Notebooks and much more

[0x5] Episode 619 – Hospitalized Hacking: Droid Tether, Theme Generation & more

[0x6] Boot Google’s Chromium OS live from USB

[0x7] Play Doom on the hacked Zipit Z2

[0x8] Hacking the Motorola Droid: Root Access!

[0x9] Episode 618 – Droid Rooting, Zipit Doom & USB Live Chrome OS

[0xA] Strip SSL security with a man-in-the-middle attack

Penetration Testing

While this list is intended for "professionals", participants frequenly disclose techniques and strategies that would be useful to anyone with a practical interest in security and network auditing.

[0x1] Re: Case studies books

[0x2] Re: Evaluating pentesters

[0x3] Re: Professional Scrpt Kiddies vs Real Talent

[0x4] Re: Evaluating pentesters

[0x5] Re: Evaluating pentesters

[0x6] Re: Professional Scrpt Kiddies vs Real Talent

[0x7] Re: Professional Scrpt Kiddies vs Real Talent

[0x8] Re: Professional Scrpt Kiddies vs Real Talent

[0x9] Re: proposed pen-test

[0xA] Re: Professional Scrpt Kiddies vs Real Talent

Packet Storm Security Exploits

Packet Storm Last 10 Exploits

[0x1] anantasoft-xsrf.txt

[0x2] notepadpoc.zip

[0x3] ispcp-rfi.txt

[0x4] httpdx-breaksvc.txt

[0x5] softbizjobsrecruitment-sql.txt

[0x6] campsite-xsrf.txt

[0x7] 60cyclecms-xss.txt

[0x8] friendlytr69-sql.txt

[0x9] hydra-sqlxss.txt

[0xA] rivercms-sql.txt

CSO Blogs - Identity Management

[0x1] Hacker, Cracker, Salafi, Spy - Be There!

[0x2] Connecticut AG files HITECH Act Law Suit…holy IT health records enablement!!

[0x3] Hold Developers Legally Accountable for Software Security Flaws?

[0x4] Time to re-think encryption

[0x5] CyberTerror - the Arms Race We're Losing

[0x6] Data Genomes and Persistent Security - Protecting Information at its Inception

[0x7] High Tech Firms Who Outsource Software Development to China - The Dirty Little Secret

[0x8] Reasons Why Granny Clampett Kept Her Money in Her Mattress

[0x9] Good riddance!

[0xA] $200 Discount for RSA

SearchSecurity: Threat Monitor

Tactical advice on defending against current threats, including viruses, worms, spyware and bots.

[0x1] Clientless SSL VPN vulnerability and Web browser protection

[0x2] Defending against RAM scraper malware in the enterprise

[0x3] Server Message Block Version 2 security in question: Disable or patch?

[0x4] How to detect software tampering

[0x5] How to prevent phishing attacks with social engineering tests

[0x6] Preventing hacker attacks with network behavior analysis IPS

[0x7] How SSL-encrypted Web connections are intercepted

[0x8] Special Report: How to find jobs in information security

[0x9] How to defend against rogue DHCP server malware

[0xA] How to find and stop automated SQL injection attacks

SecureLexicon

[0x1] Michigan Homeland Security Consortium Podcast – Pixel Velocity

[0x2] Cyber War is with Us

[0x3] Risk Mitigation through Collaborative Innovation

[0x4] Political Survival for Security Pros – #1

[0x5] Food for Thought – Creation Spaces

[0x6] IT Talent Helping Haiti

[0x7] NetWitness’s Amit Yoran on The Art of War

[0x8] How to Sell Security Investments

[0x9] PGP’s Dunkelberger on Data Protection

[0xA] The Factors of CIO Success

CSOONLINE.com - Business Continuity

[0x1] Travel Security: What to Pack to Survive a Natural Disaster

[0x2] Massive Storms Don't Halt D.C. IT Ops

[0x3] Disaster in Haiti: Advice for Employees and Operations on the Ground

[0x4] Chemical Spill Response: How Dow is Training Small Town America to Handle Hazmat Emergencies

[0x5] SLIDESHOW: Chemical Safety Training

[0x6] Most Businesses READY for Flu Pandemic?

[0x7] Business Continuity and Disaster Recovery in a Tornado Zone

[0x8] Study: Air Cargo Security Seriously Lacking

[0x9] Swine Flu: Watching the Southern Hemisphere for Signs of H1N1 Havoc

[0xA] Symantec: Disaster Recovery Pressures Mount for Business

Jeremy's Brain Dump

Some worthless information from my brain.

[0x1] FISMA

[0x2] Access Controls Article

[0x3] PMP Equations

[0x4] Math

[0x5] What is security

[0x6] New Hosting

[0x7] Wordpress 2.3 and Feedburn Widget

[0x8] So, what is a CISSP anyways?

[0x9] Upgrading the OS on my MythBox

[0xA] Blogs vs. Forums

Techworld.com Networking

Latest IT articles from Techworld's Networking channel

[0x1] Cisco shows off Internet super-router

[0x2] Asus Home Server TS mini review

[0x3] Microsoft shuffles web browsers on ballot screen

[0x4] US lifts Internet sanctions on Iran, Sudan, Cuba

[0x5] Internet Explorer 6 buried in funeral

[0x6] Ex-Novell CTO becomes W3C chief

[0x7] TalkTalk upgrades broadband up to 24Mbps

[0x8] IBM connects chips with light

[0x9] US may use WTO to resolve Google-China dispute

[0xA] Hedge fund has Novell in its sights

Latest Virus Descriptions

[0x1] Backdoor.Win32.Clampi.a

[0x2] Trojan-Dropper.Win32.Agent.albv

[0x3] Backdoor.Win32.Agent.abgg

[0x4] Trojan-Dropper.Win32.Kido.a

[0x5] Trojan-Downloader.Win32.Kido.a

[0x6] Email-Worm.Win32.Merond.a

[0x7] Trojan.Win32.Agent.azsy

[0x8] Trojan.Win32.Agent2.dtb

[0x9] Trojan-Downloader.Win32.Small.ydh

[0xA] Trojan-Downloader.Win32.Agent.ahoe

LinuxSecurity.com: Debian Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Review: Mod-Security 2.5 by Magnus Mischel

[0x3] Debian: 2009-1: tdiary: insufficient input sanitisi

[0x4] Debian: 2008-1: typo3-src Multiple Vulnerabilities

[0x5] Debian: 2006-1: sudo: Multiple vulnerabilities

[0x6] Debian: 2004-1: linux-2.6.24: privilege escalation/denial of service/sensitive memory leak

[0x7] Debian: 2004-1: samba: Multiple vulnerabilities

[0x8] Debian: Linux 2.6.18 several vulnerabilities

[0x9] Debian: polipo denial of service

[0xA] Debian: php5 multiple vulnerabilities

Robert E. Lee

Thoughts on security testing methodologies, regulatory compliance, security tools, security metrics, and other current events.

[0x1] Sockstress TCP DoS - CERT-FI Advisory

[0x2] Sockstress TCP DoS - CERT-FI Statement Update

[0x3] Jack C. Louis - The loss of a dear friend...

[0x4] Good to be back...

[0x5] Unicornscan on Debian - Some updated notes...

[0x6] TCP DoS tool (Complemento)...

[0x7] Fnta [Error fantaip.c:428] short packet!!!!

[0x8] Athens...

[0x9] On the road again...

[0xA] T2 Sockstress Talk Recap...

MITRE Career News

The MITRE Career News feed offers stories about working at MITRE, from our popular Employee Spotlight features, to useful information about upcoming recruiting events and more.

[0x1] Helping to See the Big Picture

[0x2] Invitational Career Event Announced for MITRE's Ft. Meade Location in March

[0x3] Collaboration Helps Sponsors Address Data Security Challenges

[0x4] Fast Company Names MITRE One of the "World's 50 Most Innovative Companies"

[0x5] Contributions to NextGen

[0x6] MITRE Named One of FORTUNE's "100 Best Companies to Work For" Nine Years in a Row

[0x7] ISR Forensics in the Lab and in the Field

[0x8] Pursuing Information Security Opportunities at Fort Meade

[0x9] First–Rate Career, Second Time Around for Working Mom

[0xA] Modeling a "Green" Effort

O'Reilly Conferences: OSCON

Announcements, articles, blogs, photos, and podcasts about O'Reilly conferences.: OSCON

[0x1] OSCON Puts Open Source to Work: O'Reilly Open Source Convention Opens Call for Participation

[0x2] OSCON Early Registration Extended

[0x3] OSCON Early Registration Ends June 2

[0x4] O'Reilly News Release: Open Source Convention Reveals Program and Opens Registration: OSCON 2009 Open for Business

[0x5] News Release: O'Reilly OSCON Opens Call for Participation

[0x6] arstechnica.com: Why Stallman is wrong when he calls cloud computing stupid

[0x7] News Release: O'Reilly's Tenth Annual OSCON Explores Open Source's Dynamic Future

[0x8] Ars Technica: Beer and Coding in Portland: Ars at OSCON

[0x9] InfoWorld: Mobile Computing Now an Open Source Driver

[0xA] internetnews.com: OSCON: O'Reilly Bullish on Open Source

HSC Security Portal

Hackers Center Security Portal is one of the most complete, updated and visited Securty portals on the net. We offer Security Blogs, Exploits, Texts, Tools

[0x1] Scrubyt 0.4

[0x2] Sahi V3

[0x3] UrlParams 2.2.0

[0x4] TemperIE

[0x5] Nikto 2

[0x6] hcraft 1.0.0

[0x7] MSNPawn 1.1

[0x8] httprint

[0x9] DIRB

[0xA] WebInject 1.4

Penetration testing blog

A penetration tester's sequence of words for the community

[0x1] Hacking Internet Kiosks and iKAT

[0x2] Disguising a USB drive as a standard phone jack @ home

[0x3] Python script for renaming and deleting files recursively (AKA: Fixing a broken magento update)

[0x4] CLOC - Count Lines of Code

[0x5] Counting lines of source code

[0x6] CISCO IOS Rookits are da bomb

[0x7] Testing a personal firewall solution, a couple of resources

[0x8] Mass deleting your e-mails from Gmail

[0x9] Gmail security? Well at least start with customizegoogle

[0xA] Quick shellscript for replacing a watermark

TechRadar: Internet news

TechRadar UK Internet feeds

[0x1] Exclusive: MSN Video Player launches, sets sights on Xbox and phones

[0x2] Guide: 8 ways to speed up Internet Explorer 8

[0x3] BT boss hits out at government's online piracy plans

[0x4] Google Apps Marketplace launches

[0x5] Google adds wiki-like features to Google Street View

[0x6] SXSWi 2010: South by South West Interactive 2010: what to look forward to

[0x7] Google prepping search for TV?

[0x8] In Depth: 10 of Wikipedia's wackiest arguments

[0x9] Google reveals reasons for data centre problems

[0xA] Google: Oscars brought lots of 'cathartic spooning'

FaceTime Communications - Press Releases

Press releases from FaceTime.

[0x1] FaceTime Survey Reveals 38% of IT Managers Ignoring Web 2.0 Risks

[0x2] FaceTime IMAuditor, Finalist for Best Security Solution for Financial Services

[0x3] IBM Software Services for Lotus to Resell FaceTime Communications Security and Compliance Solutions

[0x4] IBM Software Services for Lotus to Resell FaceTime Communications Security and Compliance Solutions

[0x5] FaceTime and YellowJacket Partner for Enhanced Energy Trading Compliance

[0x6] FaceTime Communications Names Tim Conley CFO

[0x7] FaceTime Wins Financial-i Leaders in Innovation Award for Messaging Compliance

[0x8] FaceTime Explores Social Media Compliance for Government Agencies at Gov 2.5 Conference

[0x9] FaceTime Adds Squid Proxy Support to Unified Security Gateway to Extend Enterprise Security for Web 2.0 Platforms

[0xA] FaceTime's application database acquisition highlights need for Web 2.0 control and security

Kaspersky.com / All News

[0x1] Kaspersky PURE Provides Ultimate Home-Wide Protection Against Digital Pollution

[0x2] Gumblar Strikes Again To Dominate The Online Threat Landscape Throughout February

[0x3] Kaspersky Lab announces the structural reorganization of EEMEA Geographic Division

[0x4] Beware the Internet: Monthly Malware Statistics for February 2010

[0x5] Kaspersky Lab Recommends 'Patching Human Vulnerabilities' On A Regular Basis To Protect Corporate IT Systems

[0x6] Kaspersky Lab announces the result of judicial proceedings with its distribution partner for the Benelux countries

[0x7] Kaspersky Lab recommends 'Patching human vulnerabilities' on a regular basis

[0x8] Kaspersky Lab announces Kaspersky PURE, the ultimate protection for your digital life

[0x9] Kaspersky Lab named one of the top 10 ICT brands in Malaysia

[0xA] Visit Kaspersky Lab at RSA Conference

TechRadar: All news feeds

TechRadar UK news feeds

[0x1] Hands on: Sony Bravia Internet Video review

[0x2] Humax rolls out iPlayer to Freesat users

[0x3] Exclusive: MSN Video Player launches, sets sights on Xbox and phones

[0x4] Vodafone planning own £130 Android phone?

[0x5] In Depth: 10 unusual but cool iPhone apps

[0x6] Facebook wants its own 'Sonic or Mario or Halo'

[0x7] Guide: 8 ways to speed up Internet Explorer 8

[0x8] World's first commercially available Jetpack goes on sale

[0x9] Exclusive: Why Sharp thinks TVs need an extra pixel colour

[0xA] Exclusive: Vodafone UK reassures HTC Magic users over virus claims

Managing Intellectual Property & IT Security

New methods of communications are changing the way that we do business, from hiring people, to designing scalable systems, to breaking down silos across organizations, how we manage information and systems in the Web 2.0 world is going to determine how well we compete as people and as companies in the future.

[0x1] 10 things to think about with Cloud Computing and Forensics

[0x2] How to set up your single cloud computer for multiple web sites

[0x3] Facebook entry leads to military raid being canceled

[0x4] Lower Merion County School Spy case gets odder

[0x5] Seven Deadly Sins in Cloud Computing Security

[0x6] Cloud Computing Globalization and the American IT Worker

[0x7] Yes it is possible to resource starve a Cloud Computer

[0x8] School used Remotely Activated Web Cams used to spy on high school students at home

[0x9] Nothing says Information Security Fail quite like 75000 compromised computers

[0xA] Telecoms unite against Apple

InformationWeek Security News

InformationWeek

[0x1] Google Launches Store For Web Apps

[0x2] Microsoft Fixes Eight Bugs, Warns Of IE Zero-Day

[0x3] Mariposa Botnet Malware Found On Vodaphone HTC Magic

[0x4] InformationWeek's RSS Feed is brought to you by

[0x5] Energizer Removes Infected Battery Monitoring Software

[0x6] GAO Knocks Federal Cybersecurity Plan

[0x7] Google Buzz Stung By Lawsuit

[0x8] RSA: Cybersecurity A Joint Fed, Industry Effort

[0x9] Fed Emergency Communications Center Struggling

[0xA] Google Buys Maker Of Microsoft Office Plugin

ZDI: Upcoming Advisories

Upcoming Advisories

[0x1] ZDI-CAN-711: Apple

[0x2] ZDI-CAN-702: Apple

[0x3] ZDI-CAN-691: Apple

[0x4] ZDI-CAN-689: Apple

[0x5] ZDI-CAN-688: Apple

[0x6] ZDI-CAN-687: Apple

[0x7] ZDI-CAN-704: Apple

[0x8] ZDI-CAN-703: Apple

[0x9] ZDI-CAN-696: Adobe

[0xA] ZDI-CAN-693: Mozilla Firefox

SecureWorks Info Feed

SecureWorks news, press releases, events, and research alerts.

[0x1] News: SecureWorks Identifies (Credit Union Times)

[0x2] Event: eBank Systems User Technology Conference

[0x3] Announcement: SecureWorks Named Finalist in 2010 SC Magazine Awards Europe for MSSP of the Year

[0x4] Threat Analysis: BlackEnergy Version 2 Analysis

[0x5] News: Software helps hackers empty corporate accounts (London Financial Times)

[0x6] Event: eBankSystems 2010 Users Conference

[0x7] Announcement: Hacker Attacks Targeting Healthcare Organizations Doubled in the 4th Quarter of 2009 according to SecureWorks' Data

[0x8] Threat Analysis: Opachki Link Hijacker Trojan Analysis

[0x9] News: New Russian Botnet Tries To Kill Rivals (Slashdot)

[0xA] Event: e-crime Congress 2010

OutScribe

All the tech that matters...

[0x1] Best And Most Used Symbian Applications On My Mobile

[0x2] Google Strips Beta Tag from Gmail, Calendar, Docs and Talk, Salvages the World

[0x3] Protect Your Precious and Pricey Mobile From Theft

[0x4] Use your old mail accounts to use your LinkedIn connections optimally

[0x5] GPS Bluetooth Receiver and Data Logger - Visiontac VGPS-900

[0x6] Why Wolfram Alpha is not a Google Killer!

[0x7] Google Internet Bus is coming to Bengaluru!

[0x8] Now share your Google Latitude location with Gtalk buddies and on your blog!

[0x9] When the Moon came close to say Hi!!

[0xA] Google launches “What’s Popular” Gadget, limits it to iGoogle

Zero in a bit

Application security testing, analysis, and metrics

[0x1] Veracode at RSA 2010

[0x2] Mobile Malware Counterpoints

[0x3] In Which We Dispel Misconceptions

[0x4] Is Your BlackBerry App Spying on You?

[0x5] Mobile App Security

[0x6] Google Admitting Compromise Good News

[0x7] An Ounce of Prevention is Worth a Pound of Cure

[0x8] We Need To Learn More About the RBS Worldpay ATM Attack

[0x9] White Box Better Than Black Box

[0xA] From the 10 Years Ago Today Department

Shellcode - Shell-storm.org

Last shellcodes

[0x1] disabled modsecurity - 64 bytes

[0x2] SP3 english ( calc.exe ) - 37 bytes

[0x3] SP2 english ( calc.exe ) - 37 bytes

[0x4] execve /bin/sh - 21 bytes

[0x5] /bin/sh - 8 bytes

[0x6] Shellcode (cmd.exe) for XP SP2 Turkish - 26 Bytes

[0x7] Shellcode (cmd.exe) for XP SP3 English - 26 Bytes

[0x8] bin/cat /etc/passwd - 43 bytes

[0x9] portbind shellcode - 167 bytes

[0xA] XP SP3 addFirewallRule

Light Blue Touchpaper

Security Research, Computer Laboratory, University of Cambridge

[0x1] More on the SCR

[0x2] Evaluating statistical attacks on personal knowledge questions

[0x3] Reliability of Chip & PIN evidence in banking disputes

[0x4] Opting out of health data collection

[0x5] Measuring Typosquatting Perpetrators and Funders

[0x6] Call for papers: WEIS 2010 — Submissions due next week

[0x7] What’s the Buzz about? Studying user reactions

[0x8] Chip and PIN is broken

[0x9] Romantic cryptography

[0xA] New attacks on HMQV

The InfoSec Blog

System Integrity: Without Integrity you don't have Security

[0x1] About Social Networking policy

[0x2] Text vs HTML: what is more secure?

[0x3] Arrogant? Who? Us?

[0x4] Throwing in the towel

[0x5] The wedge gets thicker

[0x6] Why don’t companies apply more risk analysis?

[0x7] How much would you give up your laptop for?

[0x8] The Cost of patching

[0x9] Speil Chequers

[0xA] How Many Deaths?

milw0rm.com

milw0rm.com's latest exploit rss feed

[0x1] BigAnt Server <= 2.50 SP6 Local (ZIP File) Buffer Overflow PoC #2

[0x2] Joomla com_mytube (user_id) Blind SQL Injection Exploit

[0x3] Joomla com_jinc (newsid) Blind SQL Injection Vulnerability

[0x4] Snort < 2.8.5 Unified1 Output Denial of Service Exploit

[0x5] WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities

[0x6] Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities

[0x7] ProdLer <= 2.0 (prodler.class.php sPath) RFI Vulnerability

[0x8] CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability

[0x9] cP Creator 2.7.1 (Cookie tickets) Remote SQL Injection Exploit

[0xA] Winplot (.wp2 File) Local Buffer Overflow Exploit

Threat Level

Privacy, Crime and Security Online

[0x1] Supreme Court Takes ‘Informational Privacy’ Case

[0x2] Lifelock Dinged $12 Million for Deceptive Business Practices

[0x3] Pink Floyd, EMI Brawl Over iTunes Royalties

[0x4] Feds Move to Break Voting-Machine Monopoly

[0x5] Funeral Flap: Justices Weigh Religion, Speech Rights

[0x6] 11 More U.S. Airports Get Body Scanners

[0x7] White House Cyber Czar: ‘There Is No Cyberwar’

[0x8] Security Pros Question Deployment of Smart Meters

[0x9] DMCA Muscle Kills DVD Copying, for Real

[0xA] ‘Google’ Hackers Had Ability to Alter Source Code

ThinkGeek :: What's New

Stuff for Smart Masses - Product Announcements

[0x1] T-Shirts & Apparel : Bazinga! Babydoll

[0x2] T-Shirts & Apparel : Bazinga!

[0x3] T-Shirts & Apparel : Cuttle Me Babydoll

[0x4] T-Shirts & Apparel : Torso-Friendly Hadron Collider

[0x5] Geek Toys : Alien 18" Figure

[0x6] Gadgets : Mini iPhone Microphone

[0x7] Home & Office : Chat Pillows

[0x8] Geek Toys : Portal Weighted Companion Cube "Fuzzy Dice"

[0x9] Geek Toys : Half-Life 2 Headcrab Plush

[0xA] Geek Kids : Snap Circuits Jr. 100 in 1

AVG Top Threats

Latest security threats

[0x1] Downadup/Conficker worm

[0x2] I-Vers/Nuwar

[0x3] I-Vers/Nuwar

[0x4] I-Worm/Nuwar

[0x5] Win32/Mabezat.A

[0x6] Downloader.Tibs

[0x7] Trojan Downloader.Agent.UZM

[0x8] I-Worm/Stration downloader

[0x9] I-Worm/Stration downloader

[0xA] Stration downloader

Twitter / exploitdb

Twitter updates from Exploit Database / exploitdb.

[0x1] exploitdb: 60cycleCMS Persistent XSS Vulnerability http://url4.eu/1jV7u

[0x2] exploitdb: Campsite v3.3.5 CSRF Vulnerability http://url4.eu/1jV7t

[0x3] exploitdb: Friendly-Tech FriendlyTR69 CPE Remote Management v2.8.9 SQL Injection Vulnerability http://url4.eu/1jV7s

[0x4] exploitdb: NUs Newssystem v1.02 (id) SQL Injection Vulnerability http://url4.eu/1j9bZ

[0x5] exploitdb: JAD java decompiler 1.5.8g (.class) Stack Overflow DoS http://url4.eu/1j1Zm

[0x6] exploitdb: JAD java decompiler 1.5.8g (argument) Local Crash http://url4.eu/1j1Zn

[0x7] exploitdb: mhproducts kleinanzeigenmarkt search.php SQL Injection http://url4.eu/1j1Zl

[0x8] exploitdb: SQL injection vulnerability in Wild CMS http://url4.eu/1j1Zk

[0x9] exploitdb: Rsstatic SQL Injection http://url4.eu/1j0Xd

[0xA] exploitdb: Subdreamer 2.4.3 and 3.0.1 XSS http://url4.eu/1j0Xe

Free Network / Communications Magazines and Downloads from bestsecuritytips.tradepub.com

Free publications about networking and communication technologies and management.

[0x1] A Newbie's Getting Started Guide to Linux

[0x2] The Easy Guide To Computer Networks

[0x3] Microwaves & RF

[0x4] Build an Agile Infrastructure for Faster, Easier Collaboration

[0x5] Build a Smarter IT Infrastructure for Your School

[0x6] Building a Smarter IT Infrastructure for Local Government

[0x7] FierceCable

[0x8] Mission Critical

[0x9] Business VoIP Comparison Guide

[0xA] The Federal Case for Application Delivery Networks

Securitas Operandi™

Incorporating security and risk into everyday thought.

[0x1] Certification and Experience: Putting the Cart Before the Horse

[0x2] How to opt out from advertising tracking cookies

[0x3] Connection? TSA Breach + airliner bomb attempt

[0x4] Time Magazine – Google Earth mystery solved

[0x5] E-mail security problems and the Canadian ISPs that are ignoring them

[0x6] TSA learns redaction lesson the hard way…

[0x7] Breathing new life into old hardware with Ubuntu

[0x8] Rest in peace: officers Renninger, Griswold, Owens and Richards

[0x9] Switch to Kaspersky

[0xA] Security question: being watched while watching videos

2600: The Hacker Quarterly

Off The Hook and Off The Wall

[0x1] Off The Wall show for March 9, 2010

[0x2] Off The Hook show for March 3, 2010

[0x3] VERIZON OUTAGE FINALLY OVER AFTER FOUR DAYS

[0x4] THE NEXT HOPE PREREGISTRATION NOW OPEN

[0x5] CALL FOR SPEAKERS FOR THE NEXT HOPE

[0x6] WINTER ISSUE OF 2600 RELEASED

[0x7] 2600 POLO SHIRTS ARE OUT!

[0x8] CLUB MATE NOW AVAILABLE THROUGH 2600

[0x9] AUTUMN ISSUE OF 2600 RELEASED

[0xA] SUMMER ISSUE OF 2600 RELEASED

Reuters: Top News

Reuters.com is your source for breaking news, business, financial and investing news, including personal finance and stocks. Reuters is the leading global provider of news, financial information and technology solutions to the world's media, financial institutions, businesses and individuals.

[0x1] Pelosi faces biggest test on healthcare vote

[0x2] Brown says UK to maintain AAA credit rating

[0x3] Biden scolds Israel over settlement plan

[0x4] First Iraq vote results expected by Thursday: U.N.

[0x5] Retaliation fears stalk Nigeria city after clashes

[0x6] Ahmadinejad, Gates trade barbs in Afghanistan

[0x7] Iceland opposition toughens on new "Icesave" talks

[0x8] Economists trim 2011 U.S. growth forecast

[0x9] Bomber's death fresh blow to Indonesia militants

[0xA] Obama effect boosts Nobel Peace Prize nominations

Syrinx Technologies Podcasts

Interviews with local, regional and international technology experts on various topics.

[0x1] Application Development in a Web 2.0 World

[0x2] Ingredients for a Successful Disaster Recovery Plan

[0x3] Security & Web Facing Applications

[0x4] Different Approaches to SSO

[0x5] Story as Brand

[0x6] Effective Network Management Strategies

[0x7] HIPAA Privacy and Security

[0x8] What’s Wrong with the Federal, State and Local Budget Process

[0x9] Business Continuity Planning

[0xA] Identity Federation and Compliance

IHS

Home of Johnny Long and Hackers for Charity, Inc

[0x1] Mini DV camcorder anyone?

[0x2] Video games 4 street kids

[0x3] Day 4,5,6,7

[0x4] Day 2&3

[0x5] USA: Day 1

[0x6] We’re Baaack! =)

[0x7] Learning

[0x8] Video blog: Boda rides in Kampala

[0x9] Video blog: Feb 17, 2010

[0xA] Long Journey Video Blog: Feb 12, 2010

Why Joseph

InfoSec Thoughts Ideas and Practice

[0x1] First virus removal of 2010: article 201001

[0x2]

[0x3] Looking for a New Opportunity

[0x4] Bootable BackTrack 3 USB drive that allows Persistent Changes: article 200914

[0x5] My July 4th Photo's from Plano Texas: article200913

[0x6] FOLLOW UP Hacking Practical 1: Cracking WEP: article 200912

[0x7] Hacking Practical 1: Cracking WEP: article 200911

[0x8] Script the World 2; Know Your Variables: article 200910

[0x9] Unetbootin for OS on a USB Stick: article 200909

[0xA] XCACLS over SubInACL: article 200908

SearchSoftwareQuality: Software quality news and advice

News, analysis and technical advice about securing applications and Web services.

[0x1] Software project manager perspective: The components of successful application development

[0x2] Software requirements gathering techniques

[0x3] Making unit testing a priority

[0x4] Excelling in Agile software development, testing and quality tutorial

[0x5] Top-notch tools for your software project manager toolbox

[0x6] Agilists share product owner stories on Scrum and Agile

[0x7] New fuel to the Agile ALM solution fire from Version One

[0x8] The Agile way, who can do it and who can't?

[0x9] Agile project estimation guided by expert Mike Cohn

[0xA] Scrum Master or Scrum project management, is there a difference?

It's a shampoo world anyway

...la lausige Leben, revisited

[0x1] NoScript now includes LocalRodeo-like functionality

[0x2] OWASP Germany Conference

[0x3] LocalRodeo (beta) for Firefox 3

[0x4] Travel ahead

[0x5] DeepSec 2007 Roundup

[0x6] Why I do not like taint tracking

[0x7] DNS rebinding at CCS'07

[0x8] CfP: NordSec 2007 - The 12th Nordic Workshop on Secure IT Systems

[0x9] 2nd Rule: You do blog about Bar Camp

[0xA] New LocalRodeo Version

Uninformed Journal

Informative information for the uninformed

[0x1] Using dual-mappings to evade automated unpackers

[0x2] Analyzing local privilege escalations in win32k

[0x3] Exploiting Tomorrow's Internet Today: Penetration testing with IPv6

[0x4] Can you find me now? Unlocking the Verizon Wireless xv6800 (HTC Titan) GPS

[0x5] An Objective Analysis of the Lockdown Protection System for Battle.net

[0x6] ActiveX - Active Exploitation

[0x7] Context-keyed Payload Encoding

[0x8] Improving Software Security Analysis using Exploitation Properties

[0x9] Real-time Steganography with RTP

[0xA] PatchGuard Reloaded: A Brief Analysis of PatchGuard Version 3

Veracode in the News

Read the latest news about Veracode

[0x1] 1.15.10 - USA Today

[0x2] 1.7.10 - V3

[0x3] 12.15.09 - Mass High Tech

[0x4] 12.10.09 - Forbes

[0x5] 12.08.09 - SC Magazine

[0x6] 12.10.09 - V3

[0x7] 12.2.09 - Forbes

[0x8] 11.18.09 - BBC

[0x9] 11.18.09 - The Last Watchdog

[0xA] 11.18.09 - SC Magazine

Help Net Security - News

Help Net Security is a daily updated security related site. We offer information on the latest happenings in the InfoSec world, advisories, viruses, papers, and more. HNS also has a large download section of security tools for Windows, Linux, Mac OS X and Pocket PC.

[0x1] Twitter tackles phishing problem

[0x2] Online banking rip-offs go up, card fraud goes down

[0x3] 9 million ZeuS attacks blocked in the last 6 months

[0x4] Human exploit attacks surpass the software flaw approach

[0x5] And the winner is… FakeAV!

[0x6] Eight vulnerabilities fixed, one IE 0-day warning for Patch Tuesday

[0x7] UK threatens to retaliate over cyber attacks

[0x8] Log review checklist for security incidents

[0x9] An introduction to virtualization security

[0xA] Email security trends

Security Database Tools Watch

[0x1] FireCAT v1.6 updated with 4 Firebug add-ons

[0x2] Eclipse HTTP Client (HTTP4e) v3.0 available

[0x3] SubSeven v2.3.2010 released

[0x4] GeoIPgen v0.4 – Country-to-IPs generator

[0x5] OpenSCAP v0.5.7 released

[0x6] Dradis v2.5.1 released

[0x7] Flint v1.0 the Firewall Rules Checkup Scanner

[0x8] DirBuster v1.0 RC 1 - released

[0x9] plecost v0.1.6 RT Beta - WP finger printer tool

[0xA] Building your own malware lab (Part 1 & 2) - SecTechno

Security Watch

Security Watch is a resource center for everything related to tech security: the latest news, review summaries and advice on security-related topics. We show you how you can protect your online identity and keep your computer safe.

[0x1] LimeWire Adds AVG Malware Scanning To Pro Service

[0x2] PayPal Recommends Iconix Email Authentication System

[0x3] Government Bombarded With Cyber Attacks

[0x4] Vodafone Distributes Malware on HTC Magic Mobile

[0x5] IE Zero Day Attacks Expose IE6, IE7 Users

[0x6] Patch Day Light Yields 2 Updates From Microsoft

[0x7] FTC Warns Companies of Breached Data on P2P Nets

[0x8] Trojan Found in USB Battery Charger Software

[0x9] Beware Fake Census Sites

[0xA] New Law If You Have Customers in Massachusetts

Aladdin Knowledge Systems Latest Press Releases

Aladdin Knowledge Systems Latest Press Releases - RSS Feed

[0x1] Ontario's York Regional Police Meet Canadian Government Regulations with Aladdin eToken

[0x2] Software Piracy in a Recession - Getting Kicked When You Are Down

[0x3] China's Largest CAD/CAM Software Developer Selects Aladdin HASP SRM

[0x4] HASP SRM v 3.60 Provides Automatic File Wrapping for Windows x64 Applications

[0x5] Aladdin Knowledge Systems to Hold Extraordinary General Meeting of Shareholders on February 20, 2009

[0x6] Blog: When good blogs go bad. Or, What is cool about promoting software piracy?

[0x7] Aladdin Announces HASP SRM SaaS Pass

[0x8] Aladdin Knowledge Systems Enters Into Merger Agreement with Vector Capital Affiliate

[0x9] Aladdin Knowledge Systems Comments on Media Reports about Jasmine Discussions

[0xA] Aladdin Named Finalist in 2009 SC Awards Program

CSO Blogs - Data Protection

[0x1] Online retailer Monoprice takes its site down as customers complain of fake charges

[0x2] Wyndam: 37 hotels were hit in latest hack

[0x3] The Insider: A Liability or an Asset?

[0x4] Exclusivity in Cloud Engagements

[0x5] Hacker, Cracker, Salafi, Spy - Be There!

[0x6] Don't Pushdo - The Year of the Dragon (Research Group)

[0x7] Connecticut AG files HITECH Act Law Suit…holy IT health records enablement!!

[0x